Tag Archive for: Empower

As-a-Service tools empower criminals with limited tech skills

/in


As-a-service attacks continue to dominate the threat landscape, with Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) tools making up the majority of malicious tools in use by attackers, according to Darktrace.

as-a-Service malware tools

Cybercriminals exploit as-a-Service tools

As-a-Service tools can provide attackers with everything from pre-made malware to templates for phishing emails, payment processing systems and even helplines to enable criminals to mount attacks with limited technical knowledge.

The most common as-a-Service tools Darktrace saw in use from July to December 2023 were:

  • Malware loaders (77% of investigated threats), which can deliver and execute other forms of malware and enable attackers to repeatedly target affected networks.
  • Cryptominers (52% of investigated threats), which use an infected device to mine for cryptocurrency.
  • Botnets (39% of investigated threats) enrol users in wider networks of infected devices, which attackers then leverage in larger-scale attacks on other targets.
  • Information-stealing malware (36% of investigated threats), malicious software like spyware or worms, designed to secretly access and collect sensitive data from a victim’s computer or network.
  • Proxy botnets (15% of investigated threats), more sophisticated botnets that use proxies to hide the true source of their activity.

Phishing threats escalate in business communications

Darktrace identified Hive ransomware as one of the major Ransomware-as-a-Service attacks at the beginning of 2023. With the dismantling of Hive by the US government in January 2023, Darktrace observed the rapid growth of a range of threats filling the void, including ScamClub, a malvertising actor notorious for spreading fake virus alerts to notable news sites, and AsyncRAT, responsible for attacking US infrastructure employees in recent months.

As businesses continue to rely on email and collaboration tools for communication, methods such as phishing continue to cause a headache for security teams. Darktrace detected 10.4 million phishing emails across its customer fleet between the 1st September and the 31st December 2023.

But the report also highlights how cybercriminals are embracing more…

Source…

Digital Platforms Empower Investors through Control, Convenience and Confidence

/in


The pandemic may have changed how we use technology, and ultimately how we manage our finances.

Throughout the pandemic, people increasingly relied on digital platforms, such as websites, apps and videoconferencing tools, for work and personal activities. At the same time, organizations improved their online customer experiences by embedding new technologies, making investments, and accelerating enhancements to respond to increased digital traffic. These advances often came with the goal of nudging people’s everyday choices and behaviors as well as improving consumer decision-making.

It appears to be working. Companies are interacting with customers through digital channels more than ever. In fact, in the U.S. 65% of customer interactions were digital in nature in July 2020, up from just 41% in December 2019, according to McKinsey research. It would have taken three years to see this increase under prior digital adoption rates.

Interactions with financial companies were no exception. In a recent survey of U.S. investors, Vanguard found that digital engagement for completing financial activities is strong. Roughly 70% of respondents reported they are comfortable conducting financial business online, and more than half (53%) are comfortable doing most of their investing online. Further, 60% of respondents prefer conducting financial activities online over other methods, such as in-person transactions and phoning customer service.

Survey participants cite a plethora of benefits to engaging with their money digitally, which primarily boil down to a sense of control and the ability to save time. Specifically, investors cited saving time (81%), the ability to conduct financial business at any time (75%), and faster access to their money (67%) as reasons investors prefer digital engagement.

Advantages such as the ability to transact business in real-time and broad accessibility of online financial websites allow people to take many financial interactions into their own hands. More control (47%) and more responsiveness (38%) also ranked among the top benefits of digital engagement. Whether simply checking the performance of specific stocks or interacting with their 401(k) investments,…

Source…

Empower Your Security Operations Team to Combat Emerging Threats

/in


The implementation of defense-in-depth architectures and operating system hardening technologies have altered the threat landscape. Historically, zero-click, singular vulnerabilities were commonly discovered and exploited. The modern-day defensive posture requires attackers to successfully chain together multiple exploit techniques to gain control of a target system. The increased utilization of dynamic analysis systems has driven attackers to evade detection by requiring input or action from the user. Sometimes, the victim must perform several manual steps before the underlying payload is activated. Otherwise, it remains dormant and undetectable through behavioral analysis.

It is well known that client-side attacks are the predominant access vector for most initial access. Web browser and email-based malware campaigns target users through phishing, social engineering, and exploitation. Productivity and business tools from vendors like Adobe and Microsoft are widespread and provide attackers with many options. Combining the lack of security awareness training and well-developed social engineering tactics frequently results in users permitting the execution of malicious embedded logic like weaponized macros or other scripts. Analysis of these common malware carriers is time-consuming and tedious, and it requires expert skills. To adequately prevent, detect, and respond to these threats, an organization must throw everything at the problem and augment this previously human-intensive process.

Deep File Inspection (DFI) is one approach to ease the burden associated with continuous security monitoring. DFI is a static-analysis engine that inspects beyond Layer 7 of the OSI model, essentially automating the work of your typical SOC analyst or security researcher. Regardless of the complexity of evasive techniques a threat actor utilizes, DFI dissects malicious carriers to expose embedded logic, semantic context, and metadata. Coercive graphical lures
are extracted and processed through a machine vision layer, adding to the semantic context of the original file. Commonly used obfuscation methods and encoding mechanisms are automatically discovered and deciphered.

A public concern that…

Source…

MTN Ghana partners Mobile Web Ghana to empower young girls on cyber security

/in


As part of its contribution to empower young girls in Information and Communication Technology (ICT), MTN Ghana has partnered Mobile Web Ghana to train young girls on cyber security.

The event held on Wednesday April 27, 2022 is part of activities to celebrate International Girls in ICT Day which is on the theme: ’access and safety’.

This is a day set aside to motivate young girls to study Science, Technology, Engineering, and Mathematics (STEM) and encourage them to consider careers in the growing field of ICT.

As a company committed to training more girls in the male dominated field, MTN Ghana in collaboration with Mobile Web Ghana trained young girls in cyber security.

MTN Ghana partners Mobile Web Ghana to empower young girls on cyber security

The event brought together 60 young girls drawn from the Ebenezer Methodist Junior High School (JHS) and the Kwabenya Senior High School (SHS). They were taught the importance of staying safe online.

Speaking at the event, Economic Empowerment Adviser at the MTN Ghana Foundation, Mrs. Cynthia Mills underscored the need for young girls to be educated on safety when using online tools.

According to her, in the wake of social media, they need safe and reliable access to the internet and digital tools.

The aim of the event, Mrs. Mills stated is to enlighten the girls and empower them to know what they can do to take care of themselves when on the internet.

Also, Director of Mobile Web Ghana, Florence Toffa commended MTN for the initiative.

MTN Ghana partners Mobile Web Ghana to empower young girls on cyber security

She said it is important to train young girls about the dangers on the internet so that they can stay protected.

Madam Toffa charged the girls not to give out sensitive information or passwords to people they meet online.

“Don’t give out information, numbers, and personal details to people that you don’t know. It will be very helpful for your development” she added.

For her part, Superintendent Sophia Eva Anim from the Formed Police Unit [FPU]) charged beneficiaries of the initiative to always look out for red flags when interacting with people on social media.

She said anytime young girls feel threatened, scared, or feel someone has bad intentions about them, they should immediately walk away.

Superintendent Sophia Eva Anim urged the girls not to advertise their bodies, especially…

Source…