More stories

  • NextDC takes one-fifth stake in AUCloud during $35m capital raising

    AUCloud has announced it will commence an AU$35 million capital raising, which will comprise NextDC taking up approximately a 20% stake in the company as the former eyes plans for national expansion. AUCloud said in a statement that it will raise the total by issuing new shares at AU$0.50 per share, which will also include a placement to NextDC of approximately AU$12.4 million. According to AUCloud, the funding will largely be used to scale the company to “critical mass”. “We continue to see a trend towards greater emphasis on sovereign cloud services to ensure all data remains within Australian legal jurisdictions,” AUCloud CEO and managing director Phil Dawson said. “Our strategic partnership with NEXTDC, a leading provider of premium data centre facilities, will provide access to a powerful national network of 1,500+ enterprise customers and 730+ channel partners. This equity raising capitalises AUCloud to extend its platform footprint into Brisbane, Melbourne, and Adelaide, and expand its customer reach into the large security-conscious enterprise market.” NextDC will also be entitled to a place on the AUCloud board, which will initially be NextDC CEO and managing director Craig Scroggie.

    “NextDC has an in-depth understanding of the underlying cloud market dynamics gained through our national network of premium data centre facilities across Australia. Following the injection of growth capital into AUCloud, we believe Phil and the team are very well positioned to benefit from the increasing trend towards sovereign IaaS cloud and high security solutions,” Scroggie said. AUCloud expects its pro-forma net cash position will increase to AU$41.5 million as of 31 October 2021 post-equity raising. AUCloud was one of four cloud providers that were certified strategic status under the Australian government’s hosting certification framework in October. This followed in the footsteps of NextDC, after it became a certified player to store sensitive data locally in August.

  • Eftpos added security features go-live as digital upgrades continue

    Australian payments provider Eftpos has gone live with new online security features through a handful of payment merchants, ahead of a full rollout next year. These security features, which include two-factor authentication functionality, have initially been adopted by Till Payments, Fat Zebra, and Eftex. The rollout of these features is part of Eftpos’ five-year, AU$100 million investment it’s making on digital upgrades to its network, designed to enhance the level of protection up-front for consumers and merchants, rather than retrofitting security to legacy systems. “This is a tipping point for Eftpos, online Australian businesses and the digital economy, and it is great to have partners like Till Payments, Fat Zebra, and Eftex onboard,” Eftpos chief Stephen Benton claimed. “This is a game changer for Eftpos and Australian retailers because retail is quickly transforming to become an increasingly digital marketplace, accelerated by COVID. Big economic benefits could flow from increased competition in addition to enhanced payments security.” The company said Eftpos payments are already available online for some card-on-file payments where banks have implemented the service for their merchant customers. Since launching the Eftpos digital service that enables LCR last year, Eftpos said it has been subject to zero fraud. LCR is an initiative aimed at promoting competition in the debit card market and helping to reduce payment costs in the economy.

    When a customer makes a contactless “tap-and-go” payment with their dual-network debit card — not credit cards, however — the merchant may choose to send the transaction via the debit network that costs them the least to accept. If the merchant chooses not to route, the transaction is instead sent via the default network which is programmed on the card, typically the Debit Mastercard or Visa Debit network. If a merchant uses LCR, it should not affect which deposit account the funds are paid from, and the three networks — Eftpos, Visa, and Mastercard — offer similar protections to the cardholder from fraud and disputed transactions. “This Eftpos extension will allow eCommerce merchants to securely send millions more online payments through Eftpos, resulting in substantial payment acceptance cost savings for their business and their customers,” Eftex general manager Ian Sanford said.

  • For a limited time, new users can get a lifetime of VPNSecure Online Privacy for just $40

    It’s amazing how much affordable self-paced training is available online these days. For instance, even if you have no experience whatsoever, you can learn to be a Python programmer in no time and their average salaries are over $80,000 a year. But you could also become an ethical hacker, learn to be a game developer or so many other choices. However, just like when you are doing anything else online, you need to be extremely careful about protecting yourself when accessing educational content. And now, new users need never worry about that again, because a VPNSecure Online Privacy: Lifetime Subscription is currently available for only $39.99 during our pre-Black Friday sale. Obviously, your traffic will be encrypted so that hackers aren’t able to get access to your data. VPNSecure renders your traffic on the service unrecognizable with Stealth VPN. You also have full stack IP support (IPv4 + IPv6) and kill switches that will automatically disconnect you from the internet if your VPN connection is dropped. Your IP address and location will be hidden and VPNSecure has a strict policy of absolutely no logging. Since you have access to servers in more than 45 countries, and new ones are being added all the time, you will be able to watch all of your favorite content no matter where you happen to be. And VPNSecure fully supports torrents, yet you are allowed unlimited bandwidth, so you should be able to stream smoothly with no buffering. You can use the service on five devices simultaneously, on desktop or mobile. There is an ad blocker option that is available at no extra charge and so many other convenient features. Even Security.org was impressed. They said: “VPNSecure provided us with nearly everything we needed to search the web safely and even included some unique features like the Meta Search Engine.”

    You really don’t want to pass up this opportunity to protect yourself online for a lifetime. If you are a new user, get VPNSecure Online Privacy: Lifetime Subscription now while it’s available for only $39.99.

  • FBI warning: This zero-day VPN software flaw was exploited by APT hackers

    The FBI has warned that a sophisticated group of attackers have exploited a zero-day flaw in a brand of virtual private networking (VPN) software since May.

    The FBI said its forensic analysis showed that the exploitation of the zero-day vulnerability in the FatPipe WARP, MPVPN, and IPVPN software, by an advanced persistent threat (APT) group, went back to at least May 2021. It did not provide any further information about the identity of the group. The vulnerability allowed the attackers to gain access to an unrestricted file upload function to drop a webshell for exploitation activity with root access, leading to elevated privileges and potential follow-on activity, the FBI said, noting: “Exploitation of this vulnerability then served as a jumping-off point into other infrastructure for the APT actors.” The FBI said the vulnerability affects all FatPipe WARP, MPVPN, and IPVPN device software prior to the latest version releases, 10.1.2r60p93 and 10.2.2r44p1. It warned that detection of exploitation activity might be difficult, as cleanup scripts designed to remove traces of the attackers’ activity were discovered in most cases. “Organizations that identify any activity related to these indicators of compromise within their networks should take action immediately,” the FBI said in an alert.

    “FBI strongly urges system administrators to upgrade their devices immediately and to follow other FatPipe security recommendations such as disabling UI and SSH access from the WAN interface (externally facing) when not actively using it.” FatPipe has its own advisory FPSA006, which notes: “A vulnerability in the web management interface of FatPipe software could allow a remote attacker to upload a file to any location on the filesystem on an affected device. The vulnerability is due to a lack of input and validation checking mechanisms for certain HTTP requests on an affected device. An attacker could exploit this vulnerability by sending a modified HTTP request to the affected device.”

  • Microsoft warning: Now Iran's hackers are attacking IT companies, too

    Microsoft has raised an alarm about a massive surge in Iranian state-sponsored hacking attempts against IT services firms.

    According to Microsoft, attacks from state-sponsored Iranian hackers on IT services firms were virtually non-existent in 2020, but this year exceeded 1,500 potential attacks. “Microsoft has observed multiple Iranian threat actors targeting the IT services sector in attacks that aim to steal sign-in credentials belonging to downstream customer networks to enable further attacks,” it said. Most of the targeting is focused on IT services companies based in India, as well as several companies based in Israel and the United Arab Emirates. Microsoft said that these attacks are another example of how nation-state actors are increasingly targeting supply chains as an indirect approach to their real targets. “Until July 2021, Microsoft had observed relatively little history of Iranian actors attacking Indian targets,” Microsoft said in a blogpost from its Threat Intelligence Center (MSTIC) and Digital Security Unit (DSU). “Iranian threat actors are increasing attacks against IT services companies as a way to access their customers’ networks. This activity is notable because targeting third parties has the potential to exploit more sensitive organizations by taking advantage of trust and access in a supply chain.”

    It would seem Iranian hackers have learned lessons from successful software supply-chain hacks, such as the attack on SolarWinds, which targeted US federal agencies and key US cybersecurity firms, including Microsoft: the US and UK blamed that attack on Russia’s Foreign Intelligence Service. Microsoft says the Iranian attacks on IT services firms have trended upwards significantly in the past six months. “As India and other nations rise as major IT services hubs, more nation-state actors follow the supply chain to target these providers’ public and private sector customers around the world matching nation-state interests,” Microsoft noted. Microsoft said it issued 1,788 nation-state notifications about Iranian actors to enterprise customers in India from mid-August to late September, roughly 80% of which were to IT companies, up from just 10 notifications issued in the previous three years in response to previous Iranian targeting. “Iranian cyber actors have rarely targeted India, and the lack of pressing geopolitical issues that would have prompted such a shift suggests that this targeting is for indirect access to subsidiaries and clients outside India,” Microsoft said. Microsoft is tracking the emerging threat actor as DEV-0228. This week, Microsoft also highlighted Iran’s growing interest in using ransomware to disrupt targets and coordinate these attacks with physical operations. The US, UK, and Australian governments subsequently urged admins to immediately patch Exchange email server and Fortinet VPN vulnerabilities. And last month, Microsoft warned that Iranian hackers were using password attacks against 250 Israeli and US organizations operating in the Persian Gulf. DEV-0228 used access to an IT company to extend its compromise to customers in the defense, energy, and legal sectors in Israel, according to Microsoft. “DEV-0228 dumped credentials from the on-premises network of an IT provider based in Israel in early July. Over the next two months, the group compromised at least a dozen other organizations, several of which have strong public relations with the compromised IT company,” it said.

  • Ransomware is now a giant black hole that is sucking in all other forms of cybercrime

    Ransomware is so lucrative for the gangs involved that other parts of the cybercrime ecosystem are being repurposed into a system for delivering potential victims.

    “The gravitational force of ransomware’s black hole is pulling in other cyberthreats to form one massive, interconnected ransomware delivery system — with significant implications for IT security,” said security company Sophos in a report. Ransomware is considered by many experts to be the most pressing security risk facing businesses — and it’s extremely lucrative for the gangs involved, with ransom payouts increasing significantly. Sophos said that ransomware is becoming more modular, with different groups specialising in particular elements of an attack. It also pointed to the linked rise of ‘ransomware as-a-service’, where criminal gangs are able to purchase access to tools to run their own ransomware attacks when they lack the technical ability to create those tools themselves. These so-called ransomware ‘affiliates’ don’t even have to find their own potential victims: the ransomware ecosystem has developed so that they can go to other groups who specialise in gaining access to corporate networks and who will sell that backdoor on to them. As well as doing business with these ‘initial access brokers’, would-be ransomware attackers can turn to botnet operators and malware delivery platforms to find and target potential victims. And because of the potential profit to be made, these groups are increasingly focusing on serving ransomware gangs rather than concentrating on less lucrative forms of online crime, Sophos said.

    “Established cyberthreats will continue to adapt to distribute and deliver ransomware. These include loaders, droppers and other commodity malware; increasingly advanced, human-operated Initial Access Brokers; spam; and adware,” said the security company. The idea of ransomware-as-a-service has been around for a while, and has often been a way for lower-skilled or less well-funded attackers to get started. But what has changed now, said Chester Wisniewski, principal research scientist at Sophos, is that ransomware developers are now using this as-a-service model to optimise their code and get the biggest payouts, offloading to others the tasks of finding victims, installing and executing the malware, and laundering the cryptocurrencies. Separate research has even suggested that ransomware gangs are now rich enough to start buying their own zero-day flaws, something that was previously only available to state-backed hackers. “This is distorting the cyberthreat landscape,” Wisniewski said, as common threats such as loaders, droppers, and Initial Access Brokers — which were around and causing disruption well before the ascendancy of ransomware — are now servicing the demands of ransomware gangs.

  • Palo Alto Networks raises FY22 revenue guidance

    Palo Alto Networks on Thursday published solid first quarter financial results and raised its FY 2022 revenue guidance. Non-GAAP net income for the first quarter was $170.3 million, or $1.64 per diluted share. First-quarter revenue grew 32% year-over-year to $1.2 billion. Analysts were expecting earnings of $1.57 per share on revenue of $1.2 billion. “Q1 was a strong start to fiscal year 2022, driven by strength in both our product and Next-Generation Security businesses, giving us confidence to raise our revenue and billings guidance for the year,” chairman and CEO Nikesh Arora said in a statement. “We continue to see strong customer demand and have continued to release key innovations which give us confidence in the durable growth we presented at our September Analyst Day.” First-quarter billings grew 28% year-over-year to $1.4 billion. Remaining performance obligation (RPO) grew 37% to $6 billion.
    The company highlighted the performance of Prisma SASE, noting rapid adoption of the secure access service edge (SASE) service. Prisma SASE saw 100% year-over-year ARR growth. Meanwhile, more than 25% of new Prisma SASE customers are new to Palo Alto Networks over the last 12 months. The company now has 1,756 SASE customers, up 61% year-over-year. In the area of cloud-native security, Palo Alto reported that it now has 1,676 Prisma Cloud customers, up 26% year-over-year.

    For Q2 2022, Palo Alto expects revenue in the range of $1.265 billion to $1.285 billion. Analysts are expecting revenue of $1.27 billion. For the full fiscal year 2022, the company expects total revenue in the range of $5.35 billion to $5.40 billion, representing year-over-year growth of between 26% and 27%. Last quarter, the company forecast FY2022 revenue in the range of $5.275 billion to $5.325 billion.

  • Cloud security firm Lacework secures $1.3 billion in new funding round

    Lacework has raised $1.3 billion in a new funding round to bolster its position in the cloud security market. 

    Announced on Thursday, the Series D funding round was led by existing investors Sutter Hill Ventures, Altimeter Capital, D1 Capital Partners, and Tiger Global Management. New investors have joined, including Liberty Global, General Catalyst, Snowflake Ventures, and Morgan Stanley Investment Management. Founded in 2015, Lacework develops cloud security solutions for the cloud, containers, and DevOps teams. The Lacework Cloud Security Platform collects, analyzes, and compiles security and threat data for anomaly detection, event and alert visualization, and compliance. The San Jose, Calif.-based company counts Cloudera, VMware, Nextdoor, and Snowflake among its customers. Lacework says the cash injection will be used to expand go-to-market strategies in the cloud security sector and to fund product development and innovation. In addition, the security firm says that some of the funding will be used to “pursue additional strategic acquisitions,” building upon the recent purchase of Soluble.

    Soluble, a cloud infrastructure management company, was acquired earlier this month. The purchase price was not disclosed. Lacework previously closed a $525 million funding round. The company has now completed five separate funding rounds since 2015. “Lacework’s Cloud Security Platform was built in the cloud, for the cloud. It’s a fundamentally different — and better — approach to security that is already dramatically reshaping the security market,” commented Mike Speiser, Managing Director of Sutter Hill Ventures. “With an outstanding platform and an exceptional team, Lacework has repeatedly exceeded every goal over the last 18 months. We continue to believe this is one of our most promising portfolio companies.”