Tag Archive for: trusted

A Leak Details Apple’s Secret Dirt on Corellium, a Trusted Security Startup


Zach Edwards, an independent privacy and security researcher, says that “sensitive technology cannot be haphazardly sold to any company, in any country in the world.”

“While Corellium is a reverse-engineering tool that doesn’t intrinsically create risks through its sale, the core purpose of the tool is to reverse malware,” Edwards says. “And if you sell the product to malware developers in countries averse to Western interests, we should assume that this tool will be used to improve malware.”

A person who tried Corellium in the past, who asked to remain anonymous because they were not allowed to speak to the press, says that “given what’s happening in the world today, you shouldn’t be dealing with Russian companies,” such as Elcomsoft. 

Elcomsoft’s CEO Katalov says that “the decision to work with a company based in Russia is a personal choice.”

“Please rest assured that we still strive to provide the best software and services, and trying to keep good relationships with our customers all over the world,” he adds. “We will just keep doing our job, making the world a safer place and battling the crime.”

Adrian Sanabria, a cybersecurity veteran, says that it’s not surprising that “groups interested in creating iOS exploits would be using a platform designed for iOS security research.” 

“For me, the core takeaway is that Apple created the need for platforms like Corellium by not providing the tools, access, and transparency the market needs and desires,” he says.

Danger Zones

Some of the organizations and companies linked to Corellium in the document come from countries seen as controversial by most people in the cybersecurity community in the West, including Alex Stamos, who acted as an expert witness for Corellium in the lawsuit against Apple.  

“I personally don’t believe it would be ethical to sell exploits to Saudi Arabia,” Stamos, the director of Stanford University’s Internet Observatory, said during testimony he provided in the lawsuit between Apple and Corellium, which is quoted in the document.  

Stamos also expressed doubts about selling products to the United Arab Emirates, whose government had a close relationship with…


HPE extends Trusted Supply Chain initiative globally for ProLiant servers


Hewlett Packard Enterprise Co. is making a global push for supply chain security in its server line.

Two years ago, HPE launched its Trusted Supply Chain initiative to advance end-to-end security in servers for U.S. federal and public sector customers. This month, HPE is announcing an expansion of this program globally for its ProLiant server portfolio.

“We have launched a comparable service globally called HPE Server Security Optimization Service for ProLiant,” said Cole Humphreys, global server security product manager at HPE. “We can deliver it in the European markets and now in the Asia-Pacific markets. It is a big deal for us, because now we have activated a meaningful supply chain security benefit for our entire global network of partners and customers.”

Humphreys spoke with Lisa Martin, industry analyst for theCUBE, SiliconANGLE Media’s livestreaming studio. He was joined by Ann Potten, trusted supply chain program lead at HPE, and they discussed rising costs of cybercrime, a 360-degree approach to computer security, new tools for component tracking, and protection for hardware end-of-life.

Supply chain risk

HPE’s drive for meaningful supply chain security comes at a time when the topic is generating significant enterprise interest. Recent compromises of the software supply chain, through exploits such as the SolarWinds attack, have led to greater awareness of software and hardware components.

HPE’s Trusted Supply Chain initiative in 2020 focused on providing customers with cyber assurance to ensure they were receiving verifiably authentic and uncompromised products. The cost of ransomware attacks and breaches has escalated since then, and HPE is seeking to expand enterprise protection.

“It’s estimated that cybercrime cost will reach over $10.5 trillion by 2025 and will be even more profitable than the global transfer of all major illegal drugs combined,” Potten said. “The SolarWinds software supply chain was attacked two years ago, which unfortunately went unnoticed for several months. These things together and coming from multiple directions presents a cybersecurity challenge for an…


Arm, Microsoft say arch can be trusted with real server work • The Register


Arm is this week celebrating passing a few of its own self-set milestones in its long quest to compete against x86 stalwarts Intel and AMD in the server processor space.

One, we’re told, is that Microsoft’s Ampere Altra-based Azure servers are now Arm SystemReady SR certified, “the first cloud solution provider (CSP) server to do so,” said Arm Chief System Architect Andy Rose on Monday.

Another is that Azure VMs powered by Altra processors are the first of their kind to be certified as compliant with the SystemReady Virtual Environment standard. And the other breakthrough, according to Rose, is that there have been more than 50 certifications of SystemReady products since the launch of the program.

Introduced in late 2020 as part of Arm’s Project Cassini, SystemReady defines a set of firmware and hardware standards for things like servers and workstations, embedded electronics, and smartNICs, and is intended to ensure software runs without a hitch on compliant systems. If your application stack is designed for, say, the SystemReady SR set of requirements, you should be confident that it’ll run on products that are certified as SystemReady SR compliant.

This kind of validation is important because Arm lacks the luxury of decades of server and workstation software support enjoyed by its x86 competitors, Daniel Newman, principal analyst and founder of Futurum, told The Register. “I think the idea of change is somewhat daunting for many organizations,” he added.

Growing by degrees

SystemReady essentially provides software developers, original equipment vendors, and chipmakers a baseline for system development. The SystemReady Base System Architecture, for example, provided a minimum set of hardware requirements to boot an operating system.

Arm initially offered four certification tiers. SystemReady LS targeted hyperscaler-like server hardware running Linux-based operating systems and hypervisors, while…


What is Escobar malware? | Trusted Reviews


Android users have this month been hit by Escobar, malicious software built to steal your personal data and online banking details while disguised as legitimate antivirus software.

It does this using a combination of remote control features, showing you fake bank login screens and capturing two-factor authentication tokens from SMS messages or the Google Authenticator 2FA app.

It can also record audio, take photos and screenshots, download your media, uninstall apps, send text messages, monitor your calls, messages and notifications, disable your phone’s lock code, copy your contacts and steal application keys.

Spotted in the wild in early March by MalwareHunterTeam and documented in detail by threat intelligence firm Cyble, Escobar disguises itself as the McAfee Security app. It’s a trojan horse: a type of program that tricks the user into thinking it’s something else so that they install it and give it the permissions it needs to go about its nefarious business.

The app’s full name is com.escobar.pablo, named by its creators after the infamous Colombian terrorist and drug trafficker. It’s a version of the Aberebot banking trojan, which was first seen in the summer of 2021. Aberebot’s source code was put up for sale in November 2021, leading malware analysts to suggest that new variants would be on the way.

BleepingComputer found posts promoting a beta version of the new Escobar variant on hacking forums in February 2020, available for other threat actors to rent at a discounted price while it’s in development.

Escobar adds new features, most notably the ability to steal Google Authenticator codes and an integrated VNC (Virtual Network Computing) viewer to watch and remotely control infected devices. The Google Authenticator code…
