“Hacking tools developed by private companies often end up in the hands of unscrupulous governments, which then use the software to track down and apprehend dissidents, journalists, or political rivals,” say the researchers.
The American think tank Atlantic Council has published a report on the offensive cyber capabilities (OCC) market and on the companies that sell these services under the Access-as-a-Service (AaaS) model. The report provides an analysis of three AaaS vendors, including the Israeli NSO Group and the UAE-based DarkMatter.
In particular, the experts spoke about the organizations behind the cyberattacks that exploited a zero-day vulnerability.
Of 129 attacks using zero-day vulnerabilities since 2014, 72 were associated with a specific attacker. Of these 72 cases, 14 were associated with private companies as creators of the zero-day exploit used in the attack.
“Thus, private companies have proven to be a larger provider of zero days exploited in real attacks than government and cybercriminal hackers combined,” the Atlantic Council reported.
Many of the AaaS vendors can hardly be distinguished from legitimate cybersecurity companies providing security solutions, experts say. This business model is now becoming more prevalent and current policies restricting the export and transfer of OCC instruments overseas are becoming less effective as AaaS providers find new ways to circumvent them.
Researchers have called for new and improved policies for the AaaS marketplace. They have proposed expanding the range of vulnerabilities found by government intelligence agencies that need to be reported to vendors, and establishing post-employment restrictions for government information security employees so that they cannot switch to AaaS service providers.
They also suggested filing lawsuits against AaaS suppliers and their contractors that violate export controls, and enforcing the implementation of “technical restrictions”, such as limiting the geographic area in which malware can spread, to prevent OCC tools from being used in certain areas or for certain purposes.
Let me remind you that the number of malicious ads tripled in 2020, and that China officially legalized the “Social Credit System”.