Intelligent CISO Issue 32 | Page 12

news

BrandShield wins major contract with Pharmaceutical Security Institute

BrandShield, a leading provider of cyber solutions from brand protection to online threat hunting, has announced that it has been awarded a contract with the Pharmaceutical Security Institute (PSI).

Based in Washington, DC, PSI was set up in 2002 by the security directors from 14 major pharmaceutical companies. Working with its members, PSI has developed improved systems to identify the extent of the problem of counterfeit medicinal products and to assist in coordinating international inquiries.
BrandShield has entered into a contract with PSI on a joint programme focused on helping to detect and remove online threats, such as rogue pharmacies, counterfeit sales of drugs on online marketplaces, social media phishing campaigns and other fraudulent online activities, on behalf of several of PSI’s members. These members include some involved in developing COVID-19 vaccines.
The contract is another major step in the development of BrandShield. BrandShield recently announced it had raised £3.2 million in new funding and is expected to list via a reverse takeover of Two Shields Investments plc on the Alternative Investment Market of the London Stock Exchange, with completion expected on or around December 1, 2020. The new funding will help BrandShield capitalise on the increasing number of new business opportunities it sees, driven in part by the acceleration of online criminal activity caused by the pandemic.

ESET RESEARCH DISCOVERS LAZARUS MISUSES LEGITIMATE SECURITY SOFTWARE IN SOUTH KOREA ATTACK

ESET researchers have discovered attempts to deploy Lazarus malware via a supply chain attack (on less secure parts of the supply network) in South Korea.

In order to deliver its malware, the attackers used an unusual supply chain mechanism, abusing legitimate South Korean security software and digital certificates stolen from two different companies. The attack was made easier for Lazarus since South Korean Internet users are often asked to install additional security software when visiting government or Internet banking websites.
Anton Cherepanov, ESET Researcher who led the investigation into the attack, said: “To understand this novel supply chain attack, you should be aware that WIZVERA VeraPort, referred to as an integration installation program, is a South Korean application that helps manage such additional security software. When WIZVERA VeraPort is installed, users receive and install all necessary software required by a specific website. Minimal user interaction is required to start such software installation.
“Usually this software is used by government and banking websites in South Korea. For some of these websites it’s mandatory to have WIZVERA VeraPort installed,” said Cherepanov.
Additionally, the attackers used illegally obtained code-signing certificates in order to sign the malware samples. Interestingly, one of these certificates was issued to the US branch of a South Korean security company.
ESET Research has strong indications to attribute the attack to Lazarus, as it is a continuation of what KrCERT has called Operation BookCodes, attributed to Lazarus by some in the cybersecurity research community.
The other reasons are typical toolset characteristics; detection (many tools are already flagged as NukeSped by ESET); the fact that the attack took place in South Korea, where Lazarus is known to operate; the unusual and custom nature of the intrusion and encryption methods used; and the setup of network infrastructure.
It must be noted that the Lazarus toolset is extremely broad and ESET believes there are numerous subgroups.