Archive for May 15, 2020

ESET Research Discovers Cyber Espionage Framework Ramsay

Posted in Commentary on May 15, 2020 by itnerd

ESET researchers have discovered a previously unreported cyber espionage framework they dub Ramsay. The framework is tailored for collecting and exfiltrating sensitive documents from air-gapped systems that are not connected to the internet or other online systems. Since the number of victims so far is very low, ESET believes that this framework is under an ongoing development process. 

According to ESET findings, Ramsay has gone through several iterations based on the different instances of the framework found, denoting a linear progression in the number and complexity of its capabilities. The developers in charge of infection vectors seem to be trying different approaches, such as using old exploits for Microsoft Word vulnerabilities from 2017 and deploying trojanized applications for delivery, potentially via spear-phishing. The three discovered versions of Ramsay differ in complexity and sophistication, with the latest third version being the most advanced, especially with regard to evasion and persistence.

Ramsay’s architecture provides a series of capabilities managed via a logging mechanism:

  • File collection and covert storage: The primary goal of this framework is to collect all existing Microsoft Word documents within a target’s file system.
  • Command execution: Ramsay’s control protocol implements a decentralized method of scanning and retrieving commands from control documents.
  • Spreading: Ramsay embeds a component that seems to be designed to operate within air-gapped networks.

For more technical details about Ramsay, read the blog post “Ramsay: A cyber espionage toolkit tailored for Air-Gapped Networks” on WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research.

Global Spike In Demand For Application Performance Monitoring During COVID-19 Pandemic

Posted in Commentary on May 15, 2020 by itnerd

With the pandemic requiring enterprise organizations to shift to an almost completely digital world, the importance of high performing applications and digital services has never been more critical.

Data analysts examined organic surges in AppDynamics website traffic, trending web search terms, and the most commonly asked questions from its customers during a peak period of intensity in the COVID-19 pandemic (March 1 – April 4, 2020) to identify the challenges IT professionals are facing. The findings highlighted three core challenges:

  1. Demand for Application Performance Monitoring is on the rise

Resources about implementing an Application Performance Monitoring strategy saw a 35 percent increase in web traffic on its company website, and information about application performance testing saw a 24 percent increase in traffic.

  2. Cloud monitoring support is critical

Cloud monitoring related pages on its website saw a more than 40% increase in traffic.

  3. Developers are turning to microservices to scale new demand.

Resources focused on addressing challenges with microservices adoption and how to use microservices to help measure business transactions saw a 21% increase in web traffic.

Additional details can be found here

Montreal’s B2B Quotes Looks To Duplicate Business Success In English Canada

Posted in Commentary on May 15, 2020 by itnerd

B2B Quotes, a matchmaking platform that brings together clients looking for services (digital transformation, web development, video production, training, SEO, marketing, CRM/ERP, app developers) and suppliers (agencies and freelancers) is making a push into English Canada to support an increase in project demand.

The company, which started operations in Quebec in 2017, already has a roster of 2,000 suppliers and has matched them with thousands of client projects. Currently about 15 per cent of B2B Quotes suppliers are from English Canada, but the company is looking to build that base in response to an increasing demand on the client side.

Both clients and suppliers are vetted by B2B Quotes. Once a project is approved by the platform, suppliers receive notification of the opportunity, which details the job parameters and budget. Suppliers are matched to the work request via an algorithm that determines the three best-suited service providers for the posting. Clients do not pay for posting jobs, but suppliers pay a fee to bid.

Founded in 2017, Montreal-based B2B Quotes is a matchmaking platform that brings together clients looking for services (digital transformation, web development, video production, training, SEO, marketing, HR consulting, app developers) and suppliers (agencies and freelancers). B2B Quotes is a part of the NextAI 2020 cohort (May) and has received pre-seed funding from DuProprio founder Nicolas Bouchard. 

Guest Post: NordVPN Discusses Why Even The FBI Recommends Using A VPN

Posted in Commentary on May 15, 2020 by itnerd

Free public Wi-Fi is now one of the most prevalent cybersecurity threats. The risks are becoming so common that even the FBI recommends avoiding free internet hotspots. Along with that, it advises using a virtual private network (VPN) as a precautionary measure. 

In its recent official video, the US Federal Bureau of Investigation (FBI) warns about the risks of public internet networks. The main reason is that users “can’t control the security standards of a public Wi-Fi network.” But even the Bureau has to admit that sometimes it’s more than essential to access the web, especially when traveling or working remotely.

One can make a safe Wi-Fi connection by using a trustworthy VPN service. As the Bureau’s representative adds, “VPN creates a secure tunnel for your data to transit the Internet, using a network of private servers.” This way, your data is encrypted or hidden. Thus, it is harder for an attacker to misuse your data. 

“One of the biggest online threats is free public Wi-Fi. Hackers often position themselves as free Wi-Fi hotspots. And by doing so, they can steal personal information, credit card details, or other data”, says Daniel Markuson, the digital privacy expert at NordVPN. He also emphasizes the risks of public Wi-Fi, noting that it is better to use your mobile data instead.

Yet sometimes there is no other choice but to use public Wi-Fi. For this reason, Daniel Markuson, the digital privacy expert at NordVPN, provides useful safety tips:

  • Double-check the network name with the staff when connecting to a Wi-Fi in a coffee shop or a hotel. 
  • Avoid visiting sensitive websites and logging into your social accounts. More importantly, never perform banking transactions on public Wi-Fi. 
  • If you must log into your private accounts, make sure you have set up two-factor authentication. Use a digital signature to perform any important transactions.
  • Enable your firewall. Combined with other security tools, it keeps outsiders from going through your computer’s data. 
  • Use a VPN (virtual private network). A reliable VPN, like NordVPN, will make sure your online connections are private, and no sensitive data can get into the hands of criminals. 
  • Remember to turn off the Wi-Fi function on your device when not using it. It will spare you from the unwanted connections with Wi-Fi networks surrounding you.

Daniel Markuson recommends being extra cautious about connecting to any Wi-Fi hotspot in a public place. To save your private information and to protect yourself from possible identity theft, stay away from unsafe networks, or use a VPN, like NordVPN.