September 7, 2022 2:05 p.m.
Spam mails have evolved since the first one was sent back in 1978. Its evolutions span from the techniques, tactics, and the latest trends cybercriminals piggyback on to make it more legitimate-looking and urgent-sounding – an effective formula to prey upon an unsuspecting user.
One of Kaspersky’s elite researchers, Noushin Shabab, probed into the spam threat landscape in Asia Pacific (APAC) this year to answer – what if emails do not get opened?
Shabab, presented in front of selected media from the region during Kaspersky’s 8th APAC Cyber Security Weekend, revealed that the region received 24% of the global malicious spam mails being detected and blocked by Kaspersky solutions. This means one in four junk electronic messages were delivered to computers in APAC.
Noushin Shabab, Senior Security Researcher for Global Research and Analysis Team (GReAT) at Kaspersky
Malicious spam is not a technologically complex attack, but when done with sophisticated social engineering techniques, it poses a severe threat to individuals and enterprises alike. These junk mails are sent out in mass quantities by spammers and cybercriminals who are looking to do one or more of the following:
- Make money from the small percentage of recipients that actually respond to the message
- Run phishing scams – in order to obtain passwords, credit card numbers, bank account details, and more
- Spread malicious code onto recipients’ computers
In 2022, more than half (61.1%) of the malicious spam detected in the region targeted Kaspersky users from Vietnam, Malaysia, Japan, Indonesia, and Taiwan.
Shabab cited three main factors which cause the bulk of spam emails targeting APAC —- its population, the high adoption of e-services, and the pandemic lockdowns.
The APAC region has almost 60% of the world’s population and this means that there are more potential victims for scammers here compared to other parts of the world. The extensive use of online services such as online shopping and other online platforms for day-to-day activities here also makes individuals more susceptible to falling victim to scams. There is also the lingering pandemic aftermath which led to lockdowns and work-from-home set up in the region where people took their work computers home. Home networks are usually less protected from cyberattacks.
“Since 2018, the number of malicious spam mails detected by our solutions has seen a gradual decline after its peak in 2019. This, however, does not equate to our mailboxes being cleaner and safer. Our constant monitoring of the current and new Advanced Persistent Threats (APTs) operating in Asia Pacific showed that majority of these notorious threat actors use targeted phishing called spear phishing to crack into an organization’s systems,” reveals Noushin Shabab, Senior Security Researcher for Global Research and Analysis Team (GReAT) at Kaspersky.
The most recent example of an APT targeting key entities in APAC through sophisticated malicious mails is the “Sidewinder” threat actor. Since October 2021, the Sidewinder threat actor has been using new malicious JS code with recently created C2 server domains. The attacker, also known as Rattlesnake or T-APT4, targets victims with spear-phishing emails containing malicious RTF and OOXML files.
Known for targeting military, defense and law enforcement agencies, foreign affairs, IT, and aviation entities in Central and South Asia, Sidewinder is considered one of the most prolific threat actors monitored in the APAC region. Kaspersky experts also recently found spear phishing documents which appear to be aimed at future targets in Singapore.
Some of the main characteristics of this threat actor that make it stand out among the others are the sheer number, high frequency and persistence of their attacks, and the large collection of encrypted and obfuscated malicious components used in their operations. Kaspersky experts, who have been monitoring Sidewinder since 2012, have detected over a thousand spear phishing attacks by this APT actor since October 2020.
Sidewinder also continues to expand its victimology and to sharpen its phishing tactics.
For instance, to reduce the suspicion raised by some of their spear-phishing documents that had no text content, the group followed their first attempt to attack the victim – a spear-phishing email containing a malicious RTF exploit file – with another similar email, but in this case, the title of the malicious document was “_Apology Letter.docx”, and it contained some text explaining that the previous email was sent in error and that they are reaching out to apologize for that mistake.
“There are many more well-oiled APT groups like Sidewinder who are constantly upgrading their tools and tactics to target high-profile victims in APAC through believable spam and phishing emails. The implication for enterprises and government organizations here is that a single malicious email when clicked can crumble your most sophisticated defenses, and usually, APTs like Sidewinder just need one door to open, one machine to infect, and then it can hide and stay undetected for long,” Shabab adds.
APTs target any sensitive data; one doesn’t need to be a government agency, major financial institution, or energy company to become a victim.
The major danger of APT attacks is that even when they are discovered and the immediate threat appears to be gone, the hackers may have left multiple backdoors open that allow them to return when they choose. This increases the importance of guarding mailboxes – an entry point they usually exploit to get a foothold of an organization’s networks.
Employees across all ranks need to be aware of the threats, such as the possibility of bogus emails landing in their inboxes. Besides education, technology that focuses on email security is necessary.
To be able to search for potential spear-phishing signs without diminishing the company’s actual security, Kaspersky suggests private and public companies to install protective anti phishing solutions on mail servers as well as on employee workstations.
Enterprises should also utilize advanced security software that can detect sophisticated APT attacks.
For governments, Shabab suggests defining better spam regulations to curb spam risks. “Fewer spam emails from legitimate organizations means people are less used to receiving unexpected emails every day and are more vigilant when they are being targeted with malicious spear phishing emails,” she adds.
Ultra tough HONOR X9a 5G gets tested in an experiential launch in Philippines; priced at P16,990
January 23, 2023 3:01 p.m.
Celebrities, guests from the media, and partners have been gathered in an overnight event at Taal Vista Hotel Tagaytay to experience the toughness of the new HONOR X9a 5G.
“To see is to believe, that’s why we came up with this launch that really puts HONOR X9a 5G’s toughness to the test. Our guests have seen first-hand how durable our new phone is and we are very confident that the activities we laid out for have showcased the top-of-the-line performance of HONOR X9a 5G,” said Stephen Cheng, HONOR Philippines Vice President for Marketing.
During the afternoon festivities, guests were challenged to participate in games that highlighted HONOR X9a 5G’s top specs such as shooting its screen with a toy gun and in a paired drop test where one has to throw and the other catches. A selfie area in front of Taal also brings out the best in HONOR X9a 5G’s super triple camera capturing the crisp and accurate colors of the famous volcano. The viral phone has also withstood the outdoor badminton and smash challenges.
HONOR X9a 5G Specs
Sporting a 120Hz Premium OLED Curved Display, the HONOR X9a 5G brings users a large screen of 6.67-inch with an impressive screen-to-body ratio of 93%, guaranteeing an immersive viewing experience for all your favorite content.
An ultra-large 5100mAh battery in a compact body awaits you too. So far, the HONOR X9a 5G is the thinnest and lightest smartphone to feature a battery larger than 5000mAh, which allows it to support up to 2 days of daily use for a truly uninterrupted user experience. With just 30 minutes of charging, the HONOR X9a 5G delivers 12.5 hours of video streaming, sparing users from having to worry about their battery.
Designed for a style conscious audience, the HONOR X9a 5G is available in two stunning colors: Titanium Silver and Emerald Green. Starting from January 20 to February 3, the HONOR X9a 5G will be available to purchase via all HONOR kiosks and partner online stores – Lazada (http://bit.ly/3XHFPIC), Shopee (http://bit.ly/3XzEfrS), Tiktok Shop (http://bit.ly/3kfHhTS), and Home Credit.
HONOR fans can finally avail the HONOR X9a 5G via Home Credit, for as low as Php 661 per month with insurance, Php 765 without insurance, and on a 0% interest installment payment.
HONOR X9a 5G is priced at P16,990 with FREE HONOR Earbuds X3 Lite worth P3,999.
For more information and announcements, you may visit HONOR’s website www.hihonor.com or social media platforms: Facebook (Facebook.com/HonorPhilippines), Instagram (Instagram.com/honorphilippines/) and TikTok: (Tiktok.com/@honorphilippines).
Miscommunications in IT security lead to cybersecurity incidents in 62% of companies
January 12, 2023 5:58 p.m.
More than half of top-tier managers (62%) admit that a miscommunication with the IT department or IT security team has resulted in at least one cybersecurity incident in their organizations.
In terms of personal attitudes, the majority of non-IT executives cited a diminished sense of cooperation between different teams (34%) and said this situation makes them question their colleagues’ skills and abilities when communication with their IT-security employees was unclear (33%).
The recent Forrester analytics survey says that companies spend an average of 37 days and $2.4 million to detect and recover from a cybersecurity breach. To determine how much mutual understanding between executives and information security teams affects a company’s cyber resilience, Kaspersky conducted a global survey of more than 1,300 business leaders.
According to the results of the study, 98% of non-IT respondents experienced miscommunications regarding IT security. With regards to consequences, most often a breakdown in communications leads to serious project delays (67%) and cybersecurity incidents (62%). Almost one-third of respondents (30% and 27% respectively) even said that they had even encountered these issues more than once. Among other negative effects are a wasted budget, the loss of a valued employee and deteriorating relationships between teams –situations that occurred to 61% of respondents.
In addition to worsening business indicators, unclear communication with IT-security employees also affects the emotional state of the team and makes executives question IT-security employees’ skills and abilities. Also, 28% executives admit that misunderstandings make them lose confidence in the business’ safety and 26% of them find this situation makes them nervous, which affects their work performance.
“Clear communication between a company’s executives and IT security management is a prerequisite for corporate business security,” comments Alexey Vovk, Head of Information Security at Kaspersky.
”The challenge here is to put oneself in the others’ position, to anticipate and prevent serious misunderstandings. This means that, on the one hand, CISOs should know the basic business language to better explain the existing risks and need for safety measures. On the other hand, a business should also understand that information security in the 21st century is an integral part of business and budgeting for it is an investment in protecting company assets,” adds Vovk.
To make the communication between IT security and business functions within the company more transparent, Kaspersky recommends the following:
- Understanding professionals from another sphere requires not only empathy but also additional knowledge. While IT security workers could get more information about basic business terms and concepts in various training courses, non-IT executives have an opportunity to walk in a CISO’s shoes to get insights on the most relevant IT security challenges.
- Both IT and non-IT managers should not lock themselves in a professional “information bubble”. Staying aware of the agenda in both the business and cybersecurity worlds is another key to successful communication and mutual understanding between them.
- Cybersecurity specialists should use reliable and understandable arguments when communicating their needs to the board and justifying their cybersecurity budget. Use information about the threats and security measures most relevant to your particular industry and company size to prove the probability of risks and the protective measures needed. Resources such as IT Security Calculator and reports based on experts’ observations can significantly ease this task.
- Today when cyber threats are becoming more and more relevant and companies are forced to increase their information security budgets, it’s extremely important to allocate cybersecurity investments to tools with proven efficacy and ROI. This means tools that lower the level of false positives and reduce the time of attack detection, the time spent per case, and other metrics are important to any IT security team.
The full report and more insights on communications issues between C-level and IT security managers are available via the link.
WIKO to release Huawei-developed smartphones
January 2, 2023 5:46 p.m.
A few days ago, the French technology brand WIKO made its debut on Weibo, and its China official website was launched simultaneously.
According to the teasers, last December 27, WIKO release its flagship phone in China, which not only supports 5G, but also a device thats equipped with Harmony OS, with a 108-megapixel main camera, 66W super-fast charging and other familiar configurations.
The new flagship–WIKO 5G, uses a 6.78-inch 120Hz high-refresh screen, equipped with a Snapdragon 695 processor, a rear-mounted 108megapixel main camera + 8-megapixel ultra-wide-angle + 2-megapixel macro + 2-megapixel depth-of-field lens, and the front camera is 16 million pixels, built-in 4000mAh battery.
It uses a 2.0GHz Octa Core CPU processor using a Qualcomm Snapdragon 695 5G chipset, an Adreno 619 graphics processor paired with 8GB of RAM, 128GB/256GB of internal memory and runs on the HarmonyOS operating system.
Equipped with 4 rear cameras, Quad Camera with LED flash consisting of
- Main camera, 108 megapixel resolution, Samsung HM2 sensor, aperture f / 1.9, 1 / 1.52) and PDAF system
- The second camera, Ultra Wide lens, 8 megapixel resolution, f / 2.2 aperture
- 3rd camera, depth lens, 2 megapixel resolution, f / 2.4 aperture
- 3rd camera, macro lens, 2 megapixel resolution, f / 2.4 aperture
According to reports, WIKO is officially licensed to release smartphones developed by Huawei technology. WIKO is a local mobile phone brand in France. Later, the mobile phone business of this brand was jointly acquired by Tianyin Holdings and Dongguan Financial Holdings. In addition, WIKO took the second place in the French mobile phone market in 2014, second only to Samsung in terms of local market share.