Tag Archive for: attacks

Israel Saw 43% Surge In Cyber Attacks From Iran, Hezbollah In 2023


Israel saw a 43% surge in cyber assaults originating from Iran and Hezbollah in the last year, a recent report from Israel’s National Cyber Directorate has revealed.

The annual publication highlights a significant escalation in cyber warfare tactics during the period from the October 7 invasion by Iran-backed Hamas to the end of 2023.

According to the report, Israel encountered a 2.5-fold increase in cyber intrusions compared to previous years, with a total of 3,380 attacks documented during the specified timeframe. Notably, 800 of the attacks were deemed to possess “significant potential for damage” by the National Cyber Directorate.

“The war brought with it an increase in cyber attacks that intensified gradually, shifting from a focus on information theft to disruptive and damaging attacks,” the report stated. It said the attacks had aims ranging from simply spreading public discord to more sophisticated endeavors designed to disrupt essential organizations and influential companies within supply chains.

The Directorate underscored the targeting of hospitals as central objectives, attacks aimed at undermining the war effort and intelligence gathering, and a burgeoning collaboration between Iran and Hezbollah in executing cyber operations.

Throughout 2023, the Directorate registered a total of 13,040 verified cyber attack reports, representing a 43% surge compared to the preceding year. Notably, 68% of these reports coincided with the Gaza conflict.

Of the reported attacks, 41% targeted social networks, 25% were phishing attempts, and 13% exploited vulnerabilities in computer systems. The remaining assaults comprised malware attacks, disruptions to operational continuity, and communication disruptions.

The report also emphasized the prevalent use of compromised login data and phishing techniques by attackers, underscoring the need for heightened vigilance and enhanced cybersecurity measures across critical sectors.


5 Questions about Dual Ransomware Attacks


When the FBI issues a warning about a new cyberattack trend, it’s not just hype. Healthcare IT teams should pay attention and adjust tactics if appropriate. Last year, the federal law enforcement agency warned of bad actors using multiple attacks to target the same victims. Here’s what healthcare organizations need to know.

1. What Is Dual Ransomware?

Dual ransomware is the cybercriminal version of “attack in depth.” Rather than depend on a single ransomware toolkit, criminals are deploying multiple ransomware packages at the same time or within a day or two once they’ve gained a foothold in a network. The FBI also warns that cybercriminals are leaving behind dormant data wipers as yet another way to pressure victims into responding to payment demands.


2. Why This Attack Method?

Malicious actors are finding it more difficult to break into enterprise networks. As IT managers and vendors get better at blocking attacks, cybercriminals must leverage a smaller number of successful break-ins to ensure that they can hold an organization for ransom. Breaking in is the hard part; the ransomware piece is now a commodity available from more than a half-dozen dark-web vendors. It’s therefore worth it to criminals to make sure that, once they’re in, they can take control, maintain it and maximize their chances of a high payoff. Combining multiple tools with both data encryption and exfiltration techniques, dual ransomware attacks are twice as hard to defeat.


3. Why Is This a Big Deal for Healthcare IT?

Healthcare is one of the most vulnerable industries when it comes to ransomware. Either an encryption attack that locks up important patient data or an exfiltration attack that risks exposing patient health information can cause a lot of damage. Having both occur at the same time is a gut punch when a cybercriminal comes calling.

4. What Defense Tactics Should Be Used?

When healthcare IT teams respond to an attack, they must remember that multiple tools are likely being deployed: Once…


Google Confirms Massive Increase In Zero-Day Vulnerabilities Exploited In Attacks Due To Spyware Vendors


Google has published a new report on the significant rise in zero-day vulnerabilities exploited in attacks in 2023.

Both its Threat Analysis Group and the company’s subsidiary Mandiant noted that the figures continue to grow, and that much of this has to do with spyware vendors.

The count reached 97 zero-days, a rise of more than 50% over the previous figure of 62. Despite the increase, the number is still much lower than the 106 seen in 2021.

Both entities collectively witnessed 29 out of the 97 vulnerabilities. They even spoke about 61 impacted end users who made use of Google’s products and services such as mobile phones, browsers, and social media apps.

The rest were used to attack technology such as security software and a range of other devices. On the enterprise side, a wide array of vendors and products is being targeted, and more specific technologies are being affected as a result.

They also noted that, as the years pass, bugs used by attackers are being discovered and patched faster, which means shorter lifespans for the exploits in question.

In 2023, plenty of threat actors made use of zero-day vulnerabilities that went up to Figure 10. And interestingly, it was China that was highlighted as being behind most of the attacks that had support from the government. Some of those entailed espionage groups from the country which was a trend moving upward.

In 2023, commercial surveillance appeared to be the culprit behind the attacks that kept targeting both Android and Google devices.

They include up to 75% of all those zero-day exploitations that kept on hitting the platforms. In addition to that, there were vendors

Other than that, most of the 37 zero-day vulnerabilities found on browsers as well as devices that were exploited in 2023 had Google linking close to 60% of all CSVs that keep on selling spyware to clients in the government.

Way back in February, Google revealed how so many…


Crypto Losses In The First Quarter To Web3 Attacks And Scams Decreased By 23%.

Immunefi reports that in the first quarter of 2024, the cryptocurrency industry’s losses from web3 hacks and scams decreased by 23% as compared to the same period the previous year.

Takeaway Points:

  • Web3 losses to fraud and hacking declined in the first quarter.
  • SBF-backed UK NGO for effective altruism to shut down.
  • B3 in Brazil has received approval to trade Bitcoin futures.

Crypto Losses To Web3 Hacks

Crypto industry losses to web3 hacks and scams declined 23% in the first quarter of 2024, compared with the year-earlier period, according to Immunefi.

A report from Immunefi, a bug bounty and security services platform for web3, said that while more than $336 million was lost in Q1, the same period in 2023 saw more than $437 million in such losses.

Hacks continued to be the main cause of losses at about 96%, as scams accounted for 4% of the total losses. DeFi, with almost $100 billion of total value locked in web3 protocols, was the main target of successful exploits.

“While it’s positive that overall losses have decreased, it’s essential to note that DeFi faced significant challenges, accounting for 100% of total losses in Q1 2024,” Immunefi founder and CEO Mitchell Amador said. “Particularly, the ecosystem witnessed a considerable volume of losses due to private key compromises, emphasising the critical need to secure both code and protocol infrastructure.”

The two most targeted chains were Ethereum and BNB Chain. Ethereum suffered the most individual attacks with 33 incidents, followed by BNB Chain with 14, the report said.

The two biggest exploits were conducted against Orbit Bridge, with about $82 million stolen, and Munchables at $63 million. These two accounted for 43% of the first-quarter losses.

About $74 million, or 22%, of the stolen funds were recovered, Immunefi said, including all that was taken from Munchables, an NFT game on the Ethereum layer 2 Blast.

 
