We Are Named Among Most Reviewed IT Services Companies in Estonia
In early August, The Manifest released a list of the most reviewed B2B service providers in Estonia for the year 2023. The companies included in this list have successfully completed the platform's rigorous evaluation process. Trilight Security OÜ was specifically recognized among the highly reviewed IT services firms from Estonia.
Despite the country facing certain economic challenges, there is a positive outlook for the upcoming years. Notably, key players in various high-tech industries such as IT services, cybersecurity, and software development are actively helping to bolster the nation's resilience.
The "Most Reviewed Company" award by The Manifest emphasises the importance of cultivating strong relationships between service providers and their clients. The entities featured in this list were chosen based on the quantity of testimonials and endorsements they garnered over the past twelve months.
Yan Shmyhol, CEO of Trilight Security, commented: "We are delighted to have received this award, which attests to our position as significant players in Estonia's IT services market. Furthermore, it motivates us to set new objectives for the upcoming assessment period."
Lazarus is Back. $35 million Stolen from Atomic Wallet
Hackers from North Korea are causing trouble again, and this time they targeted Atomic Wallet. They managed to steal a whopping $35 million in crypto.
The experts at Elliptic, who know their way around blockchain, have connected the dots and linked the theft to the Lazarus group. They've been busy tracking the stolen funds as they were moved around different wallets and mixers, in attempts to cover the tracks.
This attack on Atomic Wallet happened just last weekend, and it left a lot of innocent wallets compromised and their funds snatched away. The total haul reached over $35 million. According to Elliptic, this is the first big crypto heist of the year for Lazarus. Don’t forget, they've already blown through $100 million from the Harmony Horizon Bridge hack in June 2022, and a mind-boggling $620 million from Axie Infinity in March 2022. Who knows what they're spending it on? Maybe North Korean rockets or their nuclear program?
You might be wondering how Elliptic can be so confident in their attribution. Well, it turns out that the laundering strategy used in this attack was the same as in their previous heists. They also used the Sinbad mixer again, and a good chunk of the stolen funds ended up in the same wallets that were linked to Lazarus before.
Even though laundering stolen cryptocurrency has become trickier lately, there are still some less scrupulous exchanges out there where these things can happen. That's why wallet developers and operators need to step up their cybersecurity efforts and seriously audit and test their code. Unless they want to unknowingly contribute to funding some dictator's science projects, right?
But here's the big question that keeps bugging some experts: Who the heck is behind the Lazarus group? The world is a curious place, so maybe there are some folks pretending to be North Koreans, flaunting their top-notch computer skills. Who knows, right?
Emotet: Look, Who's Back
The #emotet malware operation re-started its activity this Tuesday morning. It resumed sending out spam emails after a three-month break.
Emotet malware is distributed through emails containing malicious Microsoft Word and Excel document attachments. The user needs to open the document and enable macros; the Emotet DLL is then downloaded and loaded into memory.
One of the peculiar features of Emotet is that, initially, it is not active and waits until instructions are received from a remote command and control server. Then several options are possible, for instance, the victims’ emails and contacts will be stolen to be included in subsequent Emotet campaigns, or an additional payload will be downloaded to run a ransomware attack against the infected computer.
Emotet was once one of the most widely distributed malware families. Now it is less active, but it is still evolving, as the latest developments have shown.
This time the spam includes documents using Red Dawn templates, and they are huge indeed, with sizes over 500MB. Previously the spam messages were reply chains; now they pretend to be invoices. The ZIP archives in these messages contain inflated Word documents, and the extra data serves mostly to make the files harder for antivirus products to scan and detect as malicious.
After downloading, Emotet is saved to a randomly named folder under %LocalAppData% and launched using regsvr32.exe. This is an evasion technique that proved to be quite successful. A VirusTotal scan showed that only one out of 64 security vendors would detect this malware.
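The launch pattern described above (regsvr32.exe pointed at a file in a sub-folder of %LocalAppData%) can be hunted for in process-creation logs. The following is an added example, not code from the original article: the `Image` and `CommandLine` field names follow Sysmon process-creation events, while the `Host` field and every sample value are constructed for illustration.

```python
import ntpath
import re

# A file sitting directly in one sub-folder of a user's Local AppData directory,
# with the path either expanded or still carrying the environment variable.
LOCAL_APPDATA = re.compile(
    r'^(?:[a-z]:\\users\\[^\\]+\\appdata\\local|%localappdata%)\\([^\\]+)\\[^\\]+$',
    re.IGNORECASE)
TOKEN = re.compile(r'"([^"]*)"|(\S+)')  # quoted or bare command-line token


def flag_event(event):
    """Return a finding if regsvr32.exe is pointed at such a file, else None."""
    if ntpath.basename(event["Image"]).lower() != "regsvr32.exe":
        return None
    args = [q or u for q, u in TOKEN.findall(event["CommandLine"])][1:]
    for arg in args:
        if arg.startswith(("/", "-")):
            continue  # a regsvr32 switch such as /s, not a file path
        match = LOCAL_APPDATA.match(arg)
        if match:
            return {"host": event["Host"], "folder": match.group(1), "target": arg}
    return None


def scan(events):
    """Run flag_event over a list of events and keep only the findings."""
    return [f for f in map(flag_event, events) if f]


# Constructed process-creation events (not taken from a real incident).
SAMPLE_EVENTS = [
    {"Host": "ws-01", "Image": r"C:\Windows\System32\regsvr32.exe",
     "CommandLine": r'regsvr32.exe /s "C:\Users\alice\AppData\Local\QwZrtPlkm\xYbnTr.dll"'},
    {"Host": "ws-02", "Image": r"C:\Windows\System32\regsvr32.exe",
     "CommandLine": r"regsvr32.exe /s C:\Windows\System32\scrobj.dll"},
    {"Host": "ws-03", "Image": r"C:\Windows\SysWOW64\regsvr32.exe",
     "CommandLine": r"C:\Windows\SysWOW64\regsvr32.exe %LocalAppData%\HgTyUi\abc.dll"},
    {"Host": "ws-04", "Image": r"C:\Windows\System32\notepad.exe",
     "CommandLine": r"notepad.exe C:\Users\bob\AppData\Local\Notes\todo.txt"},
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_EVENTS):
        print(finding)
```

Unquoted paths that contain spaces are split into several tokens and will not match, so quote-aware logging or a looser pattern is needed for user names with spaces.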
However, with the recent change by Microsoft, which finally disabled macros by default, the current campaign might not be a success. At least, additional payloads have not yet been observed in action. We might expect Emotet to move to file types other than .doc and .xls, such as ISO, JS, etc.
For reliable protection against malware, leverage endpoint protection, vulnerability management, managed security, and data backup services, such as those provided by #TrilightSecurity.
Trilight Security at the VI Inter-Institutional Seminar: Cyber Socialization in the Conditions of Increased Uncertainty. An After-Taste
On August 26, 2022, the VI Inter-Institutional Seminar titled "Cybersocialization in Conditions of Increased Uncertainty" was held. This event was organized by the Laboratory of Psychology of Mass Communication and Media Education of the Institute of Social and Political Psychology of the National Academy of Educational Sciences of Ukraine, in collaboration with the Department of Cognitive Science and Artificial Intelligence at Tilburg School of Humanities and Digital Sciences.
The seminar attracted approximately 50 participants from various countries, including the Netherlands, Ukraine, Spain, Hungary, Colombia, Belgium, and Kosovo. The primary objective was to enhance international cooperation among scientific institutions in the fields of cyberpsychology and cyber technologies. It provided a platform for experience exchange, dissemination of research findings, discussions on media and digital literacy, and media psychological challenges. The seminar facilitated high-level scientific discussions on cyber and media psychology topics, uniting scholars and practitioners from diverse disciplines and countries, and laying the groundwork for future scientific collaboration.
Trilight Security experts were active participants in the event, providing valuable insights into modern cybersecurity technologies and solutions, and guidance on potentially merging areas of social psychology and modern IT. In the months since the event, our team has provided numerous consultations and advice to researchers from different countries regarding the technological aspects of cyber socialization. We are proud to have made an impact on scientific research programs in different regions of the world.
More on the event can be found here.
Researchers Disclose 56 Vulnerabilities Impacting OT Devices from 10 Vendors
The Hacker News reported on vulnerabilities found in OT devices offered by different global vendors.
Collectively dubbed OT:ICEFALL by Forescout, the 56 issues span as many as 26 device models from Bently Nevada, Emerson, Honeywell, JTEKT, Motorola, Omron, Phoenix Contact, Siemens, and Yokogawa.
"Exploiting these vulnerabilities, attackers with network access to a target device could remotely execute code, change the logic, files or firmware of OT devices, bypass authentication, compromise credentials, cause denials of service or have a variety of operational impacts," the company said in a technical report.
Webinar 16.06.22: Sophos Adaptive Cybersecurity Ecosystem
Trilight Security and Hermitage Solutions invite you to take part in an online event, devoted to Adaptive Cybersecurity Ecosystem (ACE) of Sophos, in particular, its endpoint protection component, Sophos Intercept X.
Agenda:
- Sophos company introduction.
- Adaptive Cybersecurity Ecosystem (ACE), a quick Sophos portfolio overview, "Cyber Kill Chain".
- Sophos Intercept X (CIXA endpoint protection). Different protection levels explained.
Speaker:
Mindaugas Kadunas, Sophos Presales Engineer at Hermitage Solutions.
Date:
16.06.2022, 12:00 CET, duration 45 minutes.
Registration:
To register for the event, respond to this message with your contact details in the signature, or follow this link to learn more about the event and fill in a short registration form.
About Trilight Security
Trilight Security OÜ is a cybersecurity services provider offering reliable and affordable managed security services, managed detection & response, and SOCaaS services to customers across Europe. More information can be found on our website.
About Hermitage Solutions
Hermitage Solutions is a leading value-added distributor of cybersecurity and innovative infrastructure solutions in the Baltic states that provides IT security products and services for enterprises and SMBs in various industries. More information can be found on our website.
Hackers Target Bank Networks with new Rootkit to Steal Money from ATM Machines
The Hacker News reports on new attacks by hackers on bank ATMs.
A financially motivated threat actor has been observed deploying a previously unknown rootkit targeting Oracle Solaris systems with the goal of compromising Automatic Teller Machine (ATM) switching networks and carrying out unauthorized cash withdrawals at different banks using fraudulent cards.
Threat intelligence and incident response firm Mandiant is tracking the cluster under the moniker UNC2891, with some of the group's tactics, techniques, and procedures sharing overlaps with that of another cluster dubbed UNC1945.
Read further on the Hacker News
Trilight Security is thrilled to announce that TrueFirms has recognised us as a top Staff Augmentation Company in 2023. Years of effort and excellence in providing top cybersecurity and IT talent to hi-tech companies in the EU, the U.S., and other regions of the world have led to this new recognition of Trilight Security by the industry community.
TrueFirms is an online platform that helps connect businesses to trusted and verified service providers. Through data-driven recommendations and artificial intelligence, TrueFirms makes it possible to quickly find the supplier that best suits needs of any kind.
Trilight Security, among other services, specialises in providing different types of cybersecurity, IT infrastructure, and software development professionals to companies wishing to augment their internal teams, or struggling with service delivery to their end clients.
Send your personnel requests to connect@trilightsecurity.com and we will definitely help you!