Manifest Logo

We Are Named Among Most Reviewed IT Services Companies in Estonia

In early August, The Manifest released a list of the most reviewed B2B service providers in Estonia for the year 2023. The companies included in this list have successfully completed the platform's rigorous evaluation process. Trilight Security OÜ was specifically recognized among the highly reviewed IT services firms from Estonia.

Despite the country facing certain economic challenges, there is a positive outlook for the upcoming years. Notably, key players in various high-tech industries like IT services, cybersecurity, software development, and others are actively contributing to bolster the nation's resilience.

The "Most Reviewed Company" award by The Manifest emphasises the importance of cultivating strong relationships between service providers and their clients. The entities featured in this list were chosen based on the quantity of testimonials and endorsements they garnered over the past twelve months.

Yan Shmyhol, CEO of Trilight Security, commented: "We are delighted to have received this award, which attests to our position as significant players in Estonia's IT services market. Furthermore, it motivates us to set new objectives for the upcoming assessment period."

Lazarus is Back

Lazarus is Back. $35 million Stolen from Atomic Wallet

Hackers from North Korea are causing trouble again, and this time they targeted Atomic Wallet. They managed to steal a whopping $35 million in crypto.

The experts at Elliptic, who know their way around blockchain, have connected the dots and linked the theft to the Lazarus group. They've been busy tracking the stolen funds as they were moved around different wallets and mixers, in attempts to cover the tracks.

This attack on Atomic Wallet happened just last weekend, and it left a lot of innocent wallets compromised and their funds snatched away. The total haul reached over $35 million. According to Elliptic, this is the first big crypto heist of the year for Lazarus. Don’t forget, they've already blown through $100 million from the Harmony Horizon Bridge hack in June 2022, and a mind-boggling $620 million from Axie Infinity in March 2022. Who knows what they're spending it on? Maybe North Korean rockets or their nuclear program?

You might be wondering how Elliptic can be so confident in their attribution. Well, it turns out that the laundering strategy used in this attack was the same as in their previous heists. They also used the Sinbad mixer again, and a good chunk of the stolen funds ended up in the same wallets that were linked to Lazarus before.

Even though laundering stolen cryptocurrency has become trickier lately, there are still some less scrupulous exchanges out there where these things can happen. That's why wallet developers and operators need to step up their cybersecurity efforts and seriously audit and test their code. Unless they want to unknowingly contribute to funding some dictator's science projects, right?

But here's the big question that keeps bugging some experts: Who the heck is behind the Lazarus group? The world is a curious place, so maybe there are some folks pretending to be North Koreans, flaunting their top-notch computer skills. Who knows, right?

Global Phishing Attacks Spawn Three New Malware Strains

The Threat Post reported on large scale phishing attack.

Two waves of global financial phishing attacks that swamped at least 50 organizations in December have delivered three new malware families, according to a report from FireEye's Mandiant cybersecurity team.

On Tuesday, the team said that they've dubbed the hitherto-unseen malware strains:  Doubledrag, Doubledrop, and Doubleback. What Mandiant called the trifecta spear-phishing campaign twice hit a wide swath of industries worldwide: first on Dec. 2, 2020, with a second wave launched between Dec. 11 and Dec. 18, 2020.

Read further on The Threat Post

Microsoft says it identified 40+ victims of the SolarWinds hack

The Security Magazine reports on notorious SolarWinds disaster.

Microsoft said it identified more than 40 of its customers that installed trojanized versions of the SolarWinds Orion platform and where hackers escalated intrusions with additional, second-stage payloads.

The OS maker said it was able to discover these intrusions using data collected by Microsoft Defender antivirus product, a free antivirus product built into all Windows installations.

Read more on the Security Magazine

Google Warns of Zero-Click Bluetooth Flaws in Linux-based Devices

The Hacker News reported on a new set of vulnerabilities in the Linux Bluetooth Software set.

Google security researchers are warning of a new set of zero-click vulnerabilities in the Linux Bluetooth software stack that can allow a nearby unauthenticated, remote attacker to execute arbitrary code with kernel privileges on vulnerable devices.

According to security engineer Andy Nguyen, the three flaws — collectively called BleedingTooth — reside in the open-source BlueZ protocol stack that offers support for many of the core Bluetooth layers and protocols for Linux-based systems such as laptops and IoT devices.

Read further on The Hacker News

Active Malware Campaign Using HTML Smuggling

The Threatpost reported on ongoing malware campaign based on HTML smuggling.

Krishnan Subramanian, security researcher with Menlo Security, told Threatpost that the campaign uncovered on Tuesday, dubbed “Duri,” has been ongoing since July.

It works like this: The attackers send victims a malicious link. Once they click on that link, a JavaScript blob technique is being used to smuggle malicious files via the browser to the user’s endpoint (i.e., HTML smuggling). Blobs, which mean “Binary Large Objects” and are responsible for holding data, are implemented by web browsers.

Read more on the Threatpost

Corporate VPNs in danger as vishing attacks target home workers

SC Media published a report on current situation with cyberattack on remote workers using VPNs to connect to corporate networks.

Multiple hacking gangs are preying on remote workforces and corporate VPNs through vishing attacks that are more efficient, dangerous and ubiquitous than ever, prompting the U.S. government to issue both a warning and advice on how to thwart them.

“The news has spread throughout the hacker community and multiple groups are now doing this,” said Allison Nixon, chief research officer at Unit 221b.

Read more on SC Media