Tag: Dominate | Page 2

Ransomware Incidents Continue to Dominate Threat …

March 24, 2021/in Internet Security

Cisco Talos’ IR engagements found attackers relied heavily on malware like Zloader and BazarLoader to distribute ransomware in the past three months.

Ransomware operators relied heavily on a handful of commodity Trojans, open source reconnaissance tools, and legitimate Windows utilities to execute many of their attacks during the past quarter, according to data from incidents handled by the Cisco Talos Incident Response (CTIR) team.

The data, collected from customer locations between November 2020 and January 2021, showed attackers continuing to overwhelmingly use phishing emails with malicious documents to deliver Trojans for downloading ransomware on victim systems.

But unlike in the recent past where the Emotet and Trickbot malware families were the primary vehicles for distributing ransomware, many of the Trojans used for this purpose in the past quarter were commodity tools such as Zloader, BazarLoader, and IcedID. According to the CTIR team, nearly 70% of the ransomware attacks it responded to over the three-month period used these or similar Trojans to deliver ransomware.

“We saw a variety of commodity Trojans used this quarter, as opposed to previous quarters in which Trickbot and Emotet were dominant,” says Brad Garnett, general manager of the Cisco Talos Incident Response team.

For enterprises, the trend could spell even more trouble on the ransomware front.

“Commodity Trojans are easy to obtain and possess numerous capabilities for lateral movement, command-and-control communications, etc., which can increase the efficacy of a ransomware attack,” Garnett notes.

The CTIR team’s data from incident response engagements showed ransomware dominated the threat landscape during the three-month period just like it has for the past the seven straight quarters. The most prolific ransomware families included Ryuk, Vatet, WastedLocker, and variants of Egregor.

As they have in the past, ransomware operators took advantage of several open source and legitimate admin tools and utilities to facilitate attacks, move laterally in compromised networks, hide malicious activity, and take other actions. Some 65% — or nearly two-thirds — of the ransomware incidents the Cisco Talos team…

Source…

IoT gadgets dominate the holiday sales – and so do their security risks

December 10, 2020/in Internet Security

The annual retail conventions of Black Friday and Cyber Monday have long had a tradition of drumming up the latest tech products ahead of Christmas. Internet of Things (IoT) enabled products have become an increasingly popular mainstay of the sales rush, including virtual home assistants, wearable tech, smart toys and connected appliances.

However, as these connected products continue to dominate the holiday sales scene, they are also highlighting longstanding security concerns with IoT devices. Products are often found to be lacking even basic security safeguards, potentially exposing users to privacy invasions, cyberattacks, and even physical danger.

Those who splurged on IoT-enabled devices in this year’s sales will need to be aware of potential new security threats against themselves and their employers.

About the author

Richard Hughes is Head of Technical Cyber Security at A&O IT Group

How weak IoT security invites hackers into the home

IoT security vulnerabilities are extremely common, and our own investigators have found major flaws in everything from kettles to sex toys. There has been a steady cadence of IoT security breaches making the headlines over the last few years, including both the discovery of potential vulnerabilities and cases of actual exploitation.

One of the most prominent recent examples has been the Ring smart doorbell produced by Amazon. The device is ostensibly designed to help users with home security, enabling them to remotely access video and audio feeds from their smartphone, as well as receiving alerts when they have a visitor.

However, it quickly became apparent that Ring was lacking several important security features. The device is controlled by a mobile app but did not set any limits on incorrect login attempts or notify users when there was a failed attempt or a successful login from a new location or device. This meant it was straight forward for a threat actor to brute force their way into the user’s account and connect to the device. There were multiple examples of Ring devices being hijacked to spy on households, as well as the speaker function being used to harass and threaten people with physical violence. Connecting to a Ring device…

Source…

Dominate the Electromagnetic Spectrum: Lockheed Martin cyber/electronic warfare system moves into next phase of development – Aerotech News

May 1, 2020/in Internet Security

Dominate the Electromagnetic Spectrum: Lockheed Martin cyber/electronic warfare system moves into next phase of development Aerotech News
“cyber warfare news” – read more

Ransomware, Cyberespionage Dominate Verizon DBIR

April 28, 2017/in Mobile Security

Verizon’s Data Breach Investigations Report for 2017 shows big growth in the reported number of ransomware attacks and incidents involving cyberespionage.
Threatpost | The first stop for security news

Tag Archive for: Dominate

How weak IoT security invites hackers into the home