Security
  • Menu
  • All Tips
  • FAQs
  • Categories
  • Guidelines
  • Data Security Support
  • Tools
  • Have I Been Pwned?
  • Pwned Passwords
  • Email Checker
  • Password Generator
  • My IP
  • Privacy
DATA PRIVACY NOTICE AND CONSENT FORM

Cloudstaff is committed to protecting the privacy of its data subjects, and ensuring the safety and security of personal data under its control and custody. This policy provides information on what personal data is gathered by Cloudstaff Security Tips about its current, past, and prospective employees; how it will use and process this; how it will keep this secure; and how it will dispose of it when it is no longer needed. This information is provided in compliance with the Philippine Republic Act No. 10173, also known as, the Data Privacy Act of 2012 (DPA) and its Implementing Rules and Regulations (DPA-IRR). It sets out Cloudstaffs’ data protection practices designed to safeguard the personal data of individuals it deals with, and also to inform such individuals of their rights under the Act.

The personal data obtained from this application is entered and stored within the Cloudstaff system and will only be accessed by the Cloudstaff’s authorized personnel. Cloudstaff have instituted appropriate organizational, technical and cloud security measures (Amazon Web Services Shared Responsibility) to ensure the protection of the users personal data.

Information collected will be automatically deleted after three (3) years inactivity.

Furthermore, the information collected and stored in the application are as follows:
  • Given Name
  • Family Name
  • Avatar [Profile Picture]

USER CONSENT

I have read the Data Privacy Statement and expressed my consent for Cloudstaff to collect, record, organize, update or modify, retrieve, consult, use, consolidate, block, erase or destruct my personal data as part of my information.

I hereby affirm my right to be informed, object to processing, access and rectify, suspend or withdraw my personal data, and be indemnified in case of damages pursuant to the provisions of the Republic Act No. 10173 of the Philippines, Data Privacy Act of 2012 and its corresponding Implementing Rules and Regulations.

If you want to exercise any of your rights, or if you have any questions about how we process your personal data, please contact Cloudstaff’s Data Protection Officer, through the following channel:

Email to privacy@cloudstaff.com

  • Log in Now
Fresh macOS Backdoor Orchestrated by North Korean Cyber Operatives

Cybersecurity researchers have recently brought to light a newly discovered threat to Apple macOS, identified as SpectralBlur. This backdoor shares a connection with a known malware family attributed to North Korean threat actors. SpectralBlur, described as a moderately capable backdoor, exhibits functionalities such as file uploads and downloads, shell execution, configuration updates, file deletion, hibernation, and sleep, all of which are directed by commands from a command-and-control server.

Greg Lesnewich, a security researcher, emphasized SpectralBlur's similarities to KANDYKORN (also known as SockRacket), an advanced implant serving as a remote access trojan with the ability to take control of compromised hosts. Notably, KANDYKORN is associated with the Lazarus subgroup's BlueNoroff campaign, leading to the deployment of the RustBucket backdoor and the ObjCShellz payload.

The trend of North Korean threat actors targeting macOS, particularly within industries like cryptocurrency and blockchain, has been on the rise. According to Lesnewich, "TA444 keeps running fast and furious with these new macOS malware families." Security researcher Patrick Wardle delves into SpectralBlur's inner workings, highlighting that the Mach-O binary was uploaded to the VirusTotal malware scanning service in August 2023 from Colombia.

SpectralBlur stands out due to its attempts to impede analysis and evade detection, utilizing grantpt to set up a pseudo-terminal for executing shell commands received from the command-and-control server. The complexity and sophistication of these evasion techniques suggest a concerted effort to maintain covert operations.

This discovery comes in the context of a broader cybersecurity landscape, revealing a significant increase in macOS-targeted threats. In 2023 alone, 21 new malware families, ranging from ransomware to information stealers, remote access trojans, and nation-state-backed malware, were identified—marking an escalation from the 13 families detected in 2022. Patrick Wardle anticipates that the growth and popularity of macOS, especially in enterprise environments, will likely lead to an upsurge in new macOS malware throughout 2024. 

Source: https://thehackernews.com/2024/01/spectralblur-new-macos-backdoor-threat.html

Caitlin Joyce (CaitlinG) Galanza | News
Created: January 08 2024 | Updated: on 1/8/24
Comments

  2021 © Mazer

Security Tips v2.0.1 | Crafted with by Saugi