top of page
Jelly - My Works.png
  • jellytirona
  • Mar 15, 2022
  • 2 min read

Originally published on linkedprospect.com




It has been months since the COVID-19 pandemic changed the way we live, and it’s predicted to do so for the coming years. We replaced our old routines with the new normal – a shift we felt from our homes down to our livelihood.

One of the biggest effects of social distancing is the drastic change in how to do businesses. With added health precautions, we’re moving away from traditional face-to-face meetings and sales pitches.

Apart from the new work-from-home setup, what else are the lasting implications of the global pandemic in the world of B2B marketing and sales?


No longer targets, but partners


Experts predict that due to the numerous factors affecting the behavior of B2B buyers, the relationship between sellers and buyers will now change (which also applies to B2B leaders who do business). And it is not just increasing bouncing rates or declining open rates; they predict an even more significant change – B2B buyers will now begin to expect for their suppliers to treat them as partners instead of targets.


Blurred lines between inside and field sales


With most countries now urging people to stay at home at all times, the tension among field and inside salespersons has become more. Business decision-makers are opting for digital interactions. This preference pushed traditional sellers to dive into the digital world as well, blurring the line that once separated field and inside sales.


Rise of digital events


One aspect of our lives that the global pandemic has affected the most how we socialize. B2B marketers are now compelled to create digital events over in-person get-togethers. As a result, experts anticipate that there will also be an increase in event management and personalization technology investments on the part of marketing departments. Additionally, event ROI will now be calculated based on engagement rather than leads (or the traditional KPI).


Laggard industries will turn to marketing automation


Companies are projected to increase their marketing budgets to achieve maximum optimization in the areas of customer analytics, customer feedback, and marketing performance management. In laggard industries such as manufacturing, wholesale, and the like, B2B marketing heads are more likely to go all the way with their investment and adopt automation technologies. Laggard industries have depended on traditional methods for so long before the whole COVID-19 pandemic started and are now ready to step up their marketing strategies.


Going beyond customer satisfaction


Growing and keeping customers has become an essential step in the process of recovering from the effects of the pandemic. Marketers will have to make the shift from customer retention to advocacy. Content with more customer insights and empathy are expected from B2B marketers if they want to establish trust and credibility to produce not just satisfied buyers, but advocates.

 
 
 

Originally published on expee.com.ph



A little over a year ago, Expee CEO and Founder Justin Talusan was working in a make-shift office with three other people in his apartment. Today, he’s pioneering the launch of the first Grocery Assistant app in the Philippines.


A graduate of De La Salle College of St. Benilde, Justin credits his accomplishments to his work ethic. “First year college palang, naghahanap na ako ng diskarte para makapag-Benilde,” he shared. “I skipped college parties and went straight to work. That’s where I developed my work ethic.”


With zero employees and no established companies yet, he started to pitch to firms, which eventually got him inside Nestlé’s agency bidding. “Everytime an agency would present, I would call up friends and offer to do the same thing for a cheaper price.” Unsure of the career he wanted to venture into, Justin continued to work for Nestlé as a freelance digital artist.


“One day, a bunch of iPads came for a mobile app that an outside company developed for them,” he continued. Justin was eager to venture into the tech industry and create mobile apps for local companies. “I went home and couldn’t sleep, so I started to think of a company name.”


Six years later, Justin is working with his own team to create mobile applications to streamline business processes.


His new introduction, the Expee App, is a lifestyle platform that offers promotion alerts and rewards for its users. With the app, shoppers get notified of product deals as they walk around the supermarket.


“I want to give shoppers a better grocery experience,” he shares.


Justin has been on his toes to make this launch possible, and they’re set to open booths in four Robinsons stores this coming September.


After an hour long meeting with one of the country’s biggest retail chains, we asked Justin how he handles the mountain-pile of work he needs to finish to keep Expee going.


“Much is given, much is required,” he said matter-of-factly.





 
 
 

Originally published on intelegencia.com



An overwhelming number of websites were found compromised by a sophisticated botnet called KashmirBlack that attacked through vulnerable content management system (CMS) platforms.


The botnet, which made good use of agile development, was released in 2019 and has since been using infected website servers for mining, spamming, and showing web defacements. From a small, almost harmless bot, KashmirBlack is now an agile software capable of attacking thousands of websites across 30 countries each day.


Hackers behind the bot


Cybersecurity leader Imperva Research Labs published its findings after an intensive investigation on KashmirBlack spanning six months. During their half-year journey, the team identified hacker Exect1337 who may be the brain behind the bot.


By tracing the signature, Imperva also found Indonesian group PhantomGhost involved, a team that focuses on defacement. It was the hacker’s marker on another code that the researchers derived the name KashmirBlack from.


The investigation process was nothing short of tedious. Imperva’s first step was to attract the botnet through a honeypot. As expected, their puppet was attached and transformed into a spambot. Soon enough, the team started to receive instructions directly from a single Command and Control (C&C) server.


When the research went according to plan, the Imperva team immediately identified the inner workings from the KashmirBlack bot to the honeypot. They dissected the ways the bots interacted, further strengthening their findings on the botnet.


Three days later, the hackers grew suspicious. The Imperva team was soon locked out – proof of how responsive and alert the team behind the agile software bot is.


Complex operations starting from 2019


From its investigation, Imperva determined that the botnet operation through agile methodology started around November 2019 with more than 60 servers working as part of its infrastructure. The team believes that the C&C sends instructions on new targets and brute force attacks to over thousands of botnets.


When it comes to more in-depth ways of operating, Imperva believes that KashmirBlack takes advantage of the decade-old patchable vulnerability PHPUnit RCE to attack its victims. Such is further proof that the hackers behind it are targeting CMS platforms, although this claim is just a theory at the moment. The hackers seem to be targeting CMS for its weak password, unsupported plugins, and outdated versions (otherwise called “poor cyber hygiene”).


The study further shows that KashmirBlack is more than just a spambot. The hackers built it with a sophisticated infrastructure that allows it to expand and exploit with little to no effort. In addition, the botnet does a tremendous job at camouflaging itself to protect its presence and operation.


In fact, Imperva even identified traces of development frameworks such as DevOps and Agile in the botnet. The hackers seem to have been using these methodologies to adapt KashmirBlack and help it evolve to understand new commands from the control center quickly. It likewise can change repositories for storing malicious documents.


The purpose behind the botnet


All this work couldn’t have gone for nothing. It’s evident that the team behind KashmirBlack had its purpose for building and protecting the bot through agile development. Imperva looked at the possible purposes and found three: crypto mining, spamming, and defacement. However, they noticed that these were not fixed or absolute. The objectives seem to shift over time as well.


Just recently, botnet went all-digital by transferring to cloud-based service Dropbox, abandoning the old control center C&C. Imperva found evidence of Dropbox API when KashmirBlack fetched instructions or sent reports on new bots.


The change of platform goes beyond only making their operations more digital. KashmirBlack now has the ability to hide illegitimate activity behind legitimate web services, further strengthening its camouflaging capabilities and secured operations. As a result, it will be harder for future researchers to get as close to the hackers as Imperva did.


What experts have to say


The Imperva team had their thoughts and comments on the agile methodologies used by the KashmirBlack hackers. Security researcher Sarit Yerushalmi, a co-author of the report, says, “Understanding KashmirBlack required a delicate game of cat and mouse; looking behind the scenes to get inside the hackers mind, while trying to stay undetected by the powers operating it. This has given us a vital glimpse into the anatomy and operation of an active botnet in real-time.


“Discovering all the entities, layers and architecture behind the botnet and watching it evolve has made clear just how sophisticated these operations are becoming.”


Further, Ofir Shaty, another author who worked alongside Yerushalmi, says that this study is the first time the team saw botnet operations first-hand. Indeed, the results were no less than helpful for the industry in understanding how hacker groups work and continue activities despite strong privacy and protection protocols. He shares, “the level of orchestration is remarkable. It’s a very polished operation using the latest software development techniques. With potentially millions of victims across the world, this level of sophistication should be a cause for concern.”


“Once a server is being controlled by a hacker, it has the potential to compromise other servers in the domain in a domino effect, leading to potential data leakage, driving down brand reputation, and eventually losing revenue,” says Shaty.


Head of threat research Nadav Avital had his learnings from the extended research, including the importance of strong passwords in defending against brute force attacks. He further stressed how crucial it is to deploy web application firewalls (WAF) to protect websites against unwanted bots like KashmirBlack. Although it may be considered as small steps, all of these precautions add up to enforce stronger protection against malware.


Avital also gave his advice on security to companies with online platforms. According to him, it’s always crucial to practice good cyber hygiene. Simple steps like removing plugins, updating core files and modules, and denying access to sensitive files will give organizations a security barrier against these hackers.


“If you discover that you are in the botnet, then you must kill the malicious processes and remove the malicious files and jobs. You will then need to investigate whether the infection has spread and compromised any other data or systems. But prevention is always better than cure.”



 
 
 
bottom of page