Tag: high | Page 4

Mallox Ransomware Group Activity Shifts Into High Gear

July 21, 2023/in Internet Security

A ransomware actor with a penchant for breaking into target networks via vulnerable SQL servers has suddenly become very active over the past several months and appears poised to become an even bigger threat than it is already.

The group, tracked as Mallox — aka TargetCompany, Fargo, and Tohnichi — first surfaced in June 2021 and claims to have infected hundreds of organizations worldwide since then. The group’s victims include organizations in the manufacturing, retail, wholesale, legal, and professional services sectors.

Sudden Surge

Starting earlier this year, threat activity related to the group has surged, particularly in May, according to researchers at Palo Alto Networks’ Unit 42 threat intelligence team. Palo Alto’s telemetry, and that from other open threat intelligence sources, show a startling 174% increase in Mallox-related activity so far this year, compared to 2022, the security vendor said in a blog this week.

Previously, Mallox was known for being a relatively small and closed ransomware group, says Lior Rochberger, senior security researcher at Palo Alto Networks, attributes the explosive activity to concerted efforts by group leaders to grow Mallox operations.

“In the beginning of 2023, it appears that the group started putting more efforts into expanding its operations by recruiting affiliates,” she says. “This can potentially explain the surge we observed during this year, and especially more recently, around May.”

The Mallox group’s typical approach for gaining initial access on enterprise networks is to target vulnerable and otherwise insecure SQL servers. Often they start with a brute-force attack where the adversary uses a list of commonly used passwords or known default passwords against an organization’s SQL servers.

Targeting Insecure SQL Servers

Researchers have observed Mallox exploiting at least two remote code execution vulnerabilities in SQL — CVE-2020-0618 and CVE-2019-1068, Rochberger says.

So far, Unit 42 has only observed Mallox infiltrating networks via SQL servers. But other researchers have reported recent attempts to distribute Mallox via phishing emails, suggesting that new affiliate groups are involved now as well, Rochberger says.

“After…

Source…

High salary, job security rewards of a career in Computer Engineering

May 7, 2023/in Computer Security

As Computer Engineering is a vast and diverse field, those choosing to study in this field with the right aptitude would never be disappointed. Along with a high salary and status, there is also the opportunity to work satisfactorily and have good living conditions. Another notable factor is job security. By keeping up with the latest trends, adapting to the changes and resolving the challenges, Computer Engineering professionals would be able to forge ahead.

High salary

Computer Engineering and Information Technology are the two job sectors that offer high salaries in the present times. As per the US Bureau of Labor Statistics, employees in these two sectors earn twice than the national average. Jobs such as web development and computer support technicians do not require a degree but can get high salaries.

Degree-holders working as network architect, programmer, system analyst, software developer, and hardware engineer get only average salary.

…

Source…

Linux malware hit a new high in 2022

January 22, 2023/in Computer Security

Linux might be enjoying a boost as more and more devices get powered by the operating system, but with popularity also inevitably come crooks, with new reports claiming the number of malware targeting the software skyrocketing in 2022.

Findings from Atlas VPN based on data from threat intelligence platform AV-ATLAS, claims that in 2022 there were 1.9 million new Linux malware threats, bringing the figure up 50% year-on-year.

Most of the new Linux (opens in new tab) malware samples were discovered in the first three months of the year, the report further claims.

Secure operating system

In Q1 2022, researchers discovered 854,690 new strains. In Q2, the number dropped by 3%, with 833,065 new strains detected.

Malware developers for Linux must have taken a sabbatical in the third quarter of the year, as the number of new detections plummeted 91%, to 75,841. In the fourth quarter of the year, the figures picked up once again, growing by 117% to 164,697.

Despite these findings, Linux is still a “highly secure operating system”, the researchers say.

“The open-source nature of Linux allows for constant review by the tech community, leading to fewer exploitable security vulnerabilities. Additionally, Linux limits administrative privileges for users and compared to more widely used operating systems like Windows, it still has less malware targeting it.”

But crooks will not stop hunting for vulnerabilities in the world’s fifth most popular operating system, and businesses and consumers alike should always be on the lookout, the researchers concluded.

Linux might not be as popular as Windows, or macOS, but it’s a widely used operating system. From Android devices (which are built on Linux), to Chromebooks, video cameras, wearable devices, to all kinds of servers (web servers, database servers, email servers, etc.) there are more than 32 million endpoints running on Linux.

Source…

Can Cloud Telephony Services with Military Grade Security Enable Organizations to Create High Brand Value?

September 25, 2022/in Internet Security

By Shubham Patidar, Research Consultant at Fact.MR

In today’s technology driven world, the workforce is spread out between those working remotely and those working in offices, with some planning on returning to their office full-time and others remaining on a hybrid or remote model for the foreseeable future. While several companies worldwide have remained invested in the on-premises calling system, the reality is that, today, the shortest way to communicate is often through a stable internet connection.

Companies are thus investing huge sums in the development of a unified communications system with a cloud calling feature. Adapting their communication systems to this new technology can potentially improve or even future-proof the line of communication in and outside of an organization.

Cloud calling, often referred to as cloud telephony, helps in making a company’s overall phone system cost less. It provides voice communication services primarily through a third-party host. It is gradually replacing the need for traditional enterprise telephone systems, including private branch exchange across the globe.

Cloud telephony services further frees organizations from the burden of purchasing and storing stand-alone hardware such as handsets and private branch exchange boxes. It also sets the stage for equipping complementary unified communications as a service (UCaaS) features such as artificial intelligence (AI)-enabled customer support, keyword and voice analysis, interactive voice response (IVR), and call center capabilities.

Organizations nowadays are utilizing cloud telephony services to better connect their teams and make their employees more satisfied, engaged, and focused in their roles. The term ‘cloud telephony’ signifies a multi-tenant access model, with subscribers paying to utilize a provider’s pool of shared and commoditized resources.

As per Fact.MR, a leading market research firm, the global cloud telephony services industry is projected to reach a valuation of US$ 51.5 Billion by the end of 2032 and exhibit growth at a CAGR of 9.5% from 2022 to 2032. Surging need to reduce phone bills and the overall teleconferencing cost in an organization is expected to…

Source…

Tag Archive for: high

Sudden Surge

Targeting Insecure SQL Servers