Cyber hackers [illustrative].
(photo credit: REUTERS)
Kaspersky Lab experts have discovered a series of “invisible” targeted attacks that use only legitimate software: widely available penetration testing and administration tools and the PowerShell framework for task automation in Windows. They drop no malware files onto the hard drive and hide in the memory.
This combined approach helps to avoid detection by white-listing technologies and leaves forensic investigators with almost no artifacts or malware samples to work with. The attackers stay around just long enough to gather information before their traces are wiped from the system on the first reboot.
At the end of 2016, Kaspersky Lab experts were contacted by banks in the Russian Commonwealth that had found the penetration-testing software, Meterpreter, now often used for malicious purposes, in the memory of their servers when it was not supposed to be there.
Kaspersky Lab discovered that the Meterpreter code was combined with a number of legitimate PowerShell scripts and other utilities. The combined tools had been adapted into malicious code that could hide in the memory, invisibly collecting the passwords of system administrators so that the attackers could remotely control the victim’s systems. The ultimate goal appears to have been access to financial processes.
Investec Bank invests in Trax
Trax Image Recognition, the world leader in image recognition for retail, has completed another round of funding at $19.5 million with lead investor, Investec Bank, to support the growth and market expansion of the company.
With this latest round of funding, Trax has raised nearly $100m. since being founded in 2010.
The investment is led by Investec Bank plc, part of the international specialist-banking and asset-management group listed on the London Stock Exchange and the Johannesburg Stock Exchange.
Trax has developed a computer-vision platform that turns retail shelf images into real-time actionable insights.