Connect with us

Technology

India under attack by rapidly-evolving advanced persistent threat actor SideCopy, says Cisco Talos • The Register

Published

on

Cisco’s Talos security unit says it has detected an increased rate of attacks on targets on the Indian subcontinent and named an advanced persistent threat actor named SideCopy as the source.

The outfit on Wednesday posted that it has tracked “an increase in SideCopy’s activities targeting government personnel in India using themes and tactics similar to APT36 (aka Mythic Leopard and Transparent Tribe)”. SideCopy’s infrastructure, Talos opined, “indicates a special interest in victims in Pakistan and India,” as the malware used only initiates actions if it detects infections in those two countries.

The name SideCopy appears to have first been used by security firm Seqrite in a September 2020 analysis of previous attacks on Indian military targets. Seqrite said it has seen SideCopy activity from 2019.

Talos, in a 23-page report [PDF] on the matter, says the group has been active since 2018.

Whatever SideCopy’s age, Talos claims it has observed “a boost in their development operations”.

That increased effort to give Indian authorities grief has seen SideCopy spawn new remote access trojans – some of which use plug-ins to imbue them with additional functionality. Notable RATs loosed by SideCopy include:

  • MargulasRAT, a custom creation which masquerades as a VPN application from India’s National Informatics Centre;
  • CetaRAT, an oldie but a goodie;
  • DetaRAT, a previously unknown C#-based RAT that contains several RAT capabilities similar to CetaRAT;
  • ReverseRAT, a new C#-based reverse shell that also monitors removable drives. Based on CetaRAT;
  • ActionRAT: A Delphi-based RAT that resembles another well-known RAT named Allakorem, but goes about its business using different methods. Talso found a C#-based version, suggesting a port to Microsoft’s .Net platform.

The group is also using what Talos calls “commodity” trojans in its attacks.

Talos says SideCopy is slinging its RATS using “many infection techniques – ranging from LNK files to self-extracting RAR EXEs and MSI-based installers” and that the use of multiple tactics “is an indication that the actor is aggressively working to infect their victims”.

The Cisco unit feels “a focus on espionage” is evident.

Talos also suggests that SideCopy has more exploits in store. “This boost in SideCopy’s operations aided by multiple infection chains, RATs and plugins marks the group’s intent to rapidly evolve their tactics, techniques and procedures,” the report concludes. ®

Source link

Technology

CEOs told to ‘think before they tweet’ after Just Eat spat with Uber | Twitter

Published

on

Chief executives are being warned to “think twice before they tweet” after the boss of takeaway company Just Eat Takeaway was told his Twitter spat with Uber threatened to undermine the firm’s reputation.

Jitse Groen this week became the latest in a growing list of chief executives to be rebuked by customers, investors and even regulators over ill-judged tweets.

Cat Rock Capital Management, an activist investor which has a 4.7% stake in Just Eat, highlighted Groen’s Twitter battle with Uber boss Dara Khosrowshahi as an example of outbursts that damaged the brand. The investor said Groen’s tweets had partly led to the firm being “deeply undervalued and vulnerable to takeover bids at far below its intrinsic value”.

Earlier this year Groen had a rant at financial analysts on Twitter, claiming that “some can’t even do basic maths”. He tweeted that he was “amazed how bad these analysts have become … All of them mix up definitions. It’s unbelievable.”

Brand and marketing expert Mark Borkowski said Groen’s case highlighted the difficulty executives face when trying to engage with customers on the platform.

“Everyone sees Twitter as a huge marketing opportunity that can drive a business forward, and it really can,” Borkowski said. “But these bosses must stop and think twice before they tweet, as just one misjudged tweet can send their share price plunging.”

Possibly the most expensive tweets ever sent were posted by Elon Musk, the maverick boss of electric car company Tesla, in 2018. The US Securities and Exchange Commission fined Musk and Tesla $20m each after he tweeted that he had “funding secured” to take the company private at $420 a share. The regulator said the tweet, which sent Tesla’s share price up by as much as 13%, violated securities law. As part of the settlement, Musk was ordered to step down as Tesla’s chairman.

Musk’s tweets continued to anger some investors. Pirc, an influential adviser to shareholders including the UK’s local authority pension funds, last year recommended that investors voted against Musk’s re-election to the Tesla board because his tweets posed “a serious risk of reputational harm to the company and its shareholders”.

Pirc said his controversial outbursts on Twitter had cost Tesla millions of dollars in settlements, but Musk easily won the vote, and has continued to tweet several times a day to his 59 million followers.

“Twitter is all about personality,” Borkowski said. “While Musk’s tweets can be very controversial, they fit with his brand. Twitter is perfect for renegades, mavericks and disruptor brands. It’s much harder for well-established brands with solid reputations, if something goes wrong for them they risk damage to their hard-earned brand.

“People now think that to run a successful business, you have to be on social media and every brand has to have a Twitter account,” he said. “The chief executives see that the bosses of their rivals have a Twitter profile, and they feel they have to have one too.”

Borkowski said some bosses have been very successful at building a presence and personality on Twitter, and using their platforms to promote social issues such as LGBTQ+ rights and the Black Lives Matter movement (as well as promote their brand and products).

James Timpson, the chief executive of cobbler Timpson, this week celebrated passing 100,000 followers on his account on which he weaves photos of his colleagues working in shops with posts tackling tax avoidance and prisoner reform.

This week, he responded to Boris Johnson’s proposal to create “fluorescent-jacketed chain gangs” of people found guilty of antisocial behaviour with a tweet suggesting offenders should be helped into work instead.

Tim Cook, the chief executive of Apple, has won praise for using Twitter to successfully pressure the governor of Indiana into revising proposed legislation that had threatened to allow discrimination against gay people on religious grounds.

Researchers at Harvard Business School and Duke University said Cook “effectively framed the debate using social media at a time when opinions were being formed and the impact went beyond the political”.

Borkowski suggested that before chief executives tweet they should “consider whether they have the personality and temperament to get the tone right each time”.

“There is nothing more inelegant than a chief executive going after rivals publicly on Twitter,” he said.

Sign up to the daily Business Today email

It was exactly that sort of behaviour that Cat Rock had accused Groen of undertaking. When Uber Eats announced earlier this year that it would take on Just Eat in Germany, Groen lashed out in a tweet directed at Khosrowshahi, accusing him of “trying to depress our share price”.

Khosrowshahi replied that perhaps Groen should “pay a little less attention to your short term stock price and more attention to your Tech and Ops”. That sparked Groen to reply “thank you for the advice, and then if I may .. Start paying taxes, minimum wage and social security premiums before giving a founder advice on how he should run his business”.

Alex Captain, Cat Rock’s founder, said: “The response should not happen on Twitter. It should happen on a credible forum with the facts, data, and analysis that the company has at its disposal.”

A Just Eat spokesperson said: “Just Eat Takeaway.com has a regular dialogue with all its shareholders and we take all their views very seriously.”



Source link

Continue Reading

Technology

AWS to retire classic EC2 – the compute service that started the IaaS rush • The Register

Published

on

Comment Amazon Web Services has announced the retirement of its third cloud service: the Amazon Elastic Compute Cloud, aka EC2 Classic.

A July 28 post by AWS Chief Evangelist Jeff Barr explains that the service was superseded in 2009 by Amazon Virtual Private Cloud, then again by Virtual Private Clouds for Everyone in 2013.

Barr’s post explains that customers who signed up with AWS since December 4, 2013, couldn’t use EC2 Classic unless they specifically requested it. The bulk of AWS customers will not, therefore, be inconvenienced by the service’s retirement.

Those that do use the service need to be on their toes, because AWS has set a deadline of August 15, 2022 – after which it expects “no remaining EC2 Classic resources present in any AWS account,” and all migrations to something else will be complete.

As a reminder, on October 31, 2021, AWS will disable EC2 Classic for accounts that don’t use the service and stop selling reserved instances. Barr writes that AWS will work with customers to make those migrations as easy as can be.

“We don’t plan to disrupt any workloads and will do our best to help you to meet these dates,” Barr explains.

The AWS man also reminisces about how EC2 became a big hit, fast. “We helped Animoto to scale to a then-amazing 3,400 instances when their Facebook app went viral,” he writes.

AWS has scaled things rather higher since: in 40th place on the June 2021 update to the Top 500 list of Earth’s mightiest supercomputers was a 172,692-core machine that ran for just 24 minutes in the Amazonian cloud.

EC2 was AWS’s third service. It debuted in August 2006, after the March 2006 debut of the Simple Storage Service and the July arrival of Simple Queue Service.

That all three sparked a vast and important change in business computing is not in dispute. Service providers had previously rented remotely-located compute and storage, but AWS made them more accessible and scalable than predecessors. AWS prices were also shockingly low – in a good way – and its services took off.

The Register cannot think of an enterprise computing product or vendor that has not been influenced by AWS and EC2. Makers of on-prem IT have all striven to become more cloud-like ever since EC2 debuted – both in terms of the user experience and by charging for consumption rather than up-front. Whole new software development and deployment practices have emerged to take advantage of elastic resources sold as-a-service.

EC2 has also left a cultural footprint, as the likes of Netflix realized that cloud computing offered previously unavailable possibilities.

AWS brings in more than $50bn of annual revenue, and is widely regarded as the dominant force in cloud computing.

Barr’s post states that AWS will give EC2 Classic “a gold watch and a well-deserved sendoff!”

The service deserves that, and more. ®

Source link

Continue Reading

Technology

Got an idea for the future of science in Ireland?

Published

on

The Creating Our Future initiative is seeking 10,000 ideas on which to base Ireland’s next science and research agenda.

The Government of Ireland is hosting a ‘national brainstorm’ to guide the future of science and research in the country.

First announced last month, a nationwide conversation about research and innovation has officially kicked off today (28 July) at CreatingOurFuture.ie.

The online portal aims to collect 10,000 ideas from a broad section of the Irish public. It will be open for submissions from now until the end of November.

‘Nobody has a monopoly on good ideas’
– SIMON HARRIS, TD

“Covid-19 has highlighted, like never before, the vital role that research has played in mitigating challenges facing the country,” said Minister for Research, Innovation and Science Simon Harris, TD. “But we have many more challenges and opportunities that research rigour and analytical excellence can help us with to build a better future for Ireland.”

Harris added: “Good ideas and curiosity are the starting point for most research, and nobody has a monopoly on good ideas. So, we are asking everyone to submit that idea that they have been thinking about, or have a conversation with their neighbours, host an event with a researcher or in your local community to think about what might make a difference and let us know.”

Events will be held across the country until the Creating Our Future ideas portal closes, inviting and encouraging citizens and communities to engage with the project.

The national initiative is itself an idea borrowed from similar efforts in other countries. A key inspiration was a programme driven by FWO, the Flanders research foundation. Launched in the spring of 2018, its Question for Science campaign received 10,559 responses, and has returned answers to more than 1,500.

These questions formed the basis of the Flemish Science Agenda, a strategy for science and innovation that is built on societal issues and citizens’ curiosity. Questions asked of FWO included ‘What is the effect of the 24-hour economy on psychological health?’ and ‘How can we avoid war and violence?’.

The Irish effort is hoped to deepen relationships between the Irish science community and the public it serves, and the resounding call from organisers is for all to participate.

Support Silicon Republic

“This is an important opportunity to contribute to shaping future research. I encourage everyone to get involved,” said Taoiseach Micheál Martin, TD.

“This isn’t for any one section of society, we want to engage everyone in conversations in communities across the country, to inspire curiosity and generate ideas for research that will shape our future.”

All responses submitted to the portal will be collated and shared with an independent expert panel of researchers and civil society leaders.

There is also a Creating Our Future advisory forum chaired by Nokia Bell Labs global head of external collaboration programmes, Julie Byrne. In this role, Byrne brings researchers together for collaborative work and she herself has almost 30 years’ experience in engineering, tech and research.

“Over the coming months we will have many conversations about research across the country to gather ideas from our communities that research can tackle to create a better future for all of us,” she said. “I encourage everyone to get involved so that we capture ideas from all communities across the country.”

The results of the campaign will be published in a report by the end of 2021. This will go on to inform Ireland’s future strategy for research, innovation, science and technology.

Previously, Science Foundation Ireland’s director of science for society called on Irish citizens join a mass public debate about lessons learned throughout the Covid-19 pandemic.

Dr Ruth Freeman spoke at Future Human in 2020 about the importance of including the voice of the public in shaping the future of science.

“Giving people more of a say in their future is clearly the right and democratic thing to do, and it might just make for better science as well,” she said.

Source link

Continue Reading

Trending

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!