Tag Archive for: industry

China calls hacking report ‘far-fetched’ and accuses the US of targeting the cybersecurity industry


BEIJING — China’s government on Friday rejected as “far-fetched and unprofessional” a report by a U.S. security firm that blamed Chinese-linked hackers for attacks on hundreds of public agencies, schools and other targets around the world.

A foreign ministry spokesperson repeated accusations that Washington carries out hacking attacks and complained the cybersecurity industry rarely reports on them.

Mandiant’s report came ahead of a visit to Beijing by Secretary of State Antony Blinken aimed at repairing relations that have been strained by disputes over human rights, security and other irritants. Blinken’s visit was planned earlier this year but was canceled after what the U.S. government said was a Chinese spy balloon flew over the United States.

The report said hackers targeted email to engage in “espionage activity in support of the People’s Republic of China.”

“The relevant content is far-fetched and unprofessional,” said the Chinese spokesperson, Wang Wenbin.

“American cybersecurity companies continue to churn out reports on so-called cyberattacks by other countries, which have been reduced to accomplices for the U.S. government’s political smear against other countries,” Wang said.

The latest attacks exploited a vulnerability in a Barracuda Networks email system and targeted foreign ministries in Southeast Asia, other government agencies, trade offices and academic organizations in Taiwan and Hong Kong, according to Mandiant.


The American and Chinese flags wave at Genting Snow Park ahead of the 2022 Winter Olympics, in Zhangjiakou, China, on Feb. 2, 2022. Hackers linked to China were likely behind the exploitation of a software security hole in cybersecurity firm Barracuda Networks’ email security feature that affected public and private organizations globally, according to an investigation by security firm Mandiant. Credit: AP/Kiichiro Sato

It described the attacks as the biggest cyber espionage campaign known to be conducted by a “China-nexus threat actor” since a 2021 attack on Microsoft Exchange. That affected tens of thousands of computers.

China is regarded, along with the United States and Russia, as a leader in the development of computer hacking…


“PowerDrop” PowerShell Malware Targets US Aerospace Industry


A new PowerShell malware script named “PowerDrop” has been found in use in attacks targeting the aerospace defense industry in the US.

The malware was discovered by security researchers at Adlumin, who last month found a sample of the malware in a defense contractor’s network.

On Tuesday, the Adlumin team published an advisory about PowerDrop, saying the malware “straddles the line between a ‘basic off-the-shelf threat’ and tactics used by Advanced Persistent Threat Groups (APTs).”

PowerDrop relies on advanced techniques to evade detection, including deception, encoding and encryption.

“The code for PowerDrop appears to be custom, designed to be stealthy and evade detection, executed via WMI, does not reside on disk, uses uncommon methods for communication and exfiltration of data and is not available as an off-the-shelf product,” explained James Lively, endpoint security research specialist at Tanium.

“[However], based on the capabilities of PowerDrop, how they are implemented, and how the threat actor is using PowerDrop in the aerospace industry, it is indicative of Advanced Persistent Threat (APT) activity.”

Andrew Barratt, vice president at Coalfire, added that criminal actors typically utilize PowerShell because of its extensive range of features and its capability to avoid detection by leveraging existing infrastructure in commonly used computing environments.

“These are useful because they can be easily dropped into a working environment by email or USB and don’t require a sophisticated zero-day to be burned as part of the attack,” Barratt added.

“The US and allies’ primary weapons system’s manufacturers should be on high alert for this activity and be critically monitoring their supply chains in case they become a source of attack.”


Adlumin stated in their advisory that the perpetrator behind PowerDrop had not been specifically identified, but they suspect that nation-state hackers may be involved. 

“The absence of a clear attribution to a specific threat actor further deepens the mystery surrounding PowerDrop,” said Craig…


2 Security Stocks to Watch Amid the Industry Weakness


Organizations are pushing back their investments in big and expensive technology products on growing global slowdown concerns amid the current macroeconomic challenges and geopolitical tensions, thereby making the outlook for the Zacks Security industry gloomy. Of late, supply-chain disruptions, component shortages and product cost inflation are some headwinds players in the space have been encountering. These, along with elevated operating expenses related to hiring new employees, and sales and marketing strategies to capture more market share, are likely to strain margins in the near term.

Despite such concerns, industry participants like Qualys, Inc. QLYS and Absolute Software Corporation ABST are likely to benefit from the rising need for IT security solutions due to a surge in the number of data breaches. Increasing requirements for privileged access security due to digital transformation and cloud migration strategies are also fueling the demand for cybersecurity solutions.

Industry Description

The Zacks Security industry comprises companies offering on-premise and cloud-based security solutions. The solutions can be used for identity access management, infrastructure protection, integrated risk management, malware analysis and Internet traffic management, to name a few. Industry participants offer different types of security solutions, most of which can be used interchangeably. These solutions can be roughly categorized into three types — Computer Security, Cybersecurity and Information Security. Computer Security solutions provide protection from vulnerabilities in both the software and hardware of a computer system. Cybersecurity includes sections like web security, network security, application security, container security and information security. Information Security is concerned with any form of data-security issue, be it physical or digital data.

Major Trends Shaping the Future of the Security Industry

Rising Cyber Threats Boost Demand for IT Security: Frequent cyberattacks are spurring the demand for security solutions. This trend has not only affected certain companies but also threatened the national security of some countries. The prevailing global health crisis…


Hackers, Fraudsters and Thieves: Understanding Cybersecurity in the Gaming Industry


The gaming sector is under siege. The number of gaming-related cyber-attacks is growing at an alarming rate, and the online boom of the early 2000s brought hackers to the gate. In two decades, an industry worth tens of billions was transformed into one worth hundreds of billions in revenue – $221.4bn in 2023. Unsurprisingly, this growth and the opportunities it provides cyber-criminals did not go unnoticed. With such a lucrative target, hackers have long plagued the sector.

Moreover, the popularity of gaming has also been steadily increasing for years, with the total number of gamers soon to reach 3.32 billion in 2024. An increase in gamers has led to an abundance of targetable accounts storing all sorts of sensitive data. However, cyber-criminals aren’t just after gamers’ passwords and card details.

In-game digital assets, either through trickery or brute force, can be stolen or fabricated. Just last year, the most expensive CS:GO inventory, worth £2m, was stolen by hackers. And finally, let us not forget the bad actors who hack simply to gain a personal advantage over their fellow players.

What Impact Does This Have on the Gaming Industry?

From a developer or publisher standpoint, gaming-related cybercrime is detrimental to business. The inability to provide a safe and secure experience for players erodes consumer trust, undermines in-game economies and ultimately decreases game and microtransaction sales.

Just look at the bad PR that Fortnite has received recently. Admittedly, in this instance, a gaming behemoth like Epic Games will keep chugging along. But for smaller, less developed titles, such attacks can cause significant reputational damage. Consistently poor security practices will lead to diminishing player bases, either due to players giving up on the game or simply being unable to log in and play. For example, The Division is a game which experienced a player exodus largely due to rampant hacking. Despite the title’s financial success on release, The Division soon became known for its glitches, exploits and hacks that undermined the game’s long-term future. 

The most successful games are those that can maintain loyal player…
