Author: Admin
As a vCISO, you are responsible for your client’s cybersecurity strategy and risk management. It involves multiple disciplines, from research to execution to reporting. We recently published a complete tutorial for vCISO, “Your First 100 Days as a vCISO – 5 Steps to Success”which covers all the steps involved in running a successful vCISO engagement, along with recommended actions and step-by-step examples. After the success of the tutorial and the requests we received from the MSP/MSSP community, we decided to dig deeper into specific parts of the vCISO reports and provide more color and examples. In this article, we will…
The opportunities for using AI to automate workflows are many and varied, but one of the easiest ways to use AI to save time and improve your organization’s security is by building an automated SMS analysis service. The Tines workflow automation platform provides a good example of how to do this. The supplier recently released its first own functions of artificial intelligenceand security teams have already started sharing AI-enhanced workflows they’ve created using the platform. Tines library of built-in workflows includes AI-enhanced built-in workflows for normalizing alerts, creating cases, and determining which phishing emails require escalation. Let’s take a closer…
The relationship between the various TDS and DNS associated with the Vigorish Viper and the final landing experience for the user A Chinese organized crime syndicate linked to money laundering and people-trafficking across Southeast Asia is using a sophisticated “technological complex” that runs the full spectrum of cybercrime supply chains to spearhead its operations. There is an info block tracking pseudonymous owner and custodian Cheerful vipernoting that it was developed by the Yabo Group (aka Yabo Sports), which has been linked to illegal gambling and pig slaughter scam in the past. It was renamed Kaiyun Sports in late 2022 and…
July 22, 2024Information hallCloud Security / Phishing Attack Financially motivated actor codenamed Latin America (LATAM). FLUX ROOT saw the use of Google Cloud serverless projects to orchestrate credential phishing, highlighting the misuse of the cloud computing model for malicious purposes. “Serverless architectures are attractive to developers and enterprises because of their flexibility, cost-effectiveness and ease of use,” Google said in its biennial release. Threat Horizons Report (PDF) shared with The Hacker News. “These same features make serverless computing services for all cloud providers attractive to threat actors who use them to deliver and communicate their malware, host and direct users…
Headquartered in Singapore with a focus on servicing clients in Indonesia, Jixie offers a comprehensive suite of monetization and marketing growth tools. Its platform is a robust advertising ecosystem that connects publishers and brand owners with the ability to co-create solutions through reliable customer insights. This transforms marketing from a fragmented process with limited control into a strategic priority, amplifying simplicity while safeguarding brand safety, consumer data and privacy. The integration of Jixie’s platform into Accenture Song’s marketing capabilities will help clients optimize customer data effectively and efficiently into actionable insights, regaining the control, speed and trust needed to securely…
Millions of people in Indonesia, a vast archipelago of more than 17,000 islands, are not currently hooked up to reliable internet services Tech billionaire Elon Musk and Indonesia’s health minister, Budi Gunadi Sadikin, inaugurate the launch of the Starlink internet service in Bali’s capital of Denpasar on Sunday. — AFP/fileDENPASAR, Indonesia: Tech billionaire Elon Musk launched Sunday his Starlink service on Indonesia’s resort island of Bali as the country aims to extend internet to its remote areas. Millions of people in Indonesia, a vast archipelago of more than 17,000 islands, are not currently hooked up to reliable internet services.Musk,…
July 22, 2024Information hallVulnerability / Malware JavaScript downloader malware known as SocGholish (aka FakeUpdates) is used to deliver a remote access trojan named AsyncRAT as well as a legitimate open source project called BOINC. BOINKshort for Berkeley Open Infrastructure Network Computing Client, is open source “volunteer computing”. platform is supported by the University of California to perform “large-scale, high-throughput distributed computing” using home computers running the program. “In that way, it’s similar to a cryptocurrency miner (using computer resources to do work), and it’s actually designed to reward users with a specific type of cryptocurrency called Gridcoin designed for that…
Cyber security researchers have discovered a new variant of Linux ransomware known as to play (aka Balloonfly and PlayCrypt) which is designed for VMWare ESXi environments. “These developments indicate that the group may be expanding its attacks on the Linux platform, leading to more victims and more successful ransom negotiations,” Trend Micro researchers said. said in a report released Friday. Play, which appeared on the scene in June 2022, is known for its dual extortion tactics, encrypting systems after stealing sensitive data and demanding payment in exchange for a decryption key. According to estimates published by Australia and the United…
The National Cyber and Encryption Agency (BSSN) has selected French cyber security tech company Thales as its partner to optimize cyber security in the Indonesian digital sector. BSSN and Thales cooperates in cyber security BSSN and Thales previously signed a memorandum of understanding (MoU) in the first quarter of 2023 to secure Indonesia’s internet industry. The MoU was signed by Hinsa Siburian, the Head of BSSN, and Nicolas Bouverot, Vice-President of Thales Asia. Hinsa said that the MoU signing is in line with the directive of the National Cyber Security Strategy (SKSN), which emphasizes strengthening collaboration with private cyber security…
Privy, a provider of digital trust in Indonesia, has bagged $48m for its Series C funding round, which was led by private equity giant KKR.Other commitments came from existing backers MDI Ventures, GGV Capital and Telkomsel Mitra Inovasi, as well as first-time investor Singtel Innov8.With the funds, the RegTech company plans to bolster its position in Indonesia. It will also build new consumer and enterprise products that enable users to access a wider range of services securely. Funds will also be used to help Privy expand internationally.Privy believes this investment is a testament to the rising digital economy in Indonesia.…