Tag Archive for: Prevalent

More LockBit-based ransomware strains set sights on prevalent bugs


Widely known security vulnerabilities have been increasingly targeted by ransomware strains based on the leaked toolkit of the LockBit ransomware operation, reports The Record, a news site by cybersecurity firm Recorded Future.

After reporting that vulnerable WS_FTP servers impacted by the CVE-2023-40044 flaw were targeted by Reichsadler Cybercrime Group with a payload based on exposed LockBit source code, Sophos researchers discovered that old Adobe ColdFusion servers have also been subjected to attacks with a LockBit knockoff by the BlackDogs2023 ransomware.

“It’s entirely possible that other copycats will emerge, which is why it’s essential for organizations to prioritize patching and upgrading from unsupported software whenever possible. However, it’s important to note that patching only closes the hole. With things like unprotected ColdFusion servers and WS_FTP, companies need to also check to make sure none of their servers are already compromised, otherwise, they’re still at risk of these attacks,” said Sophos Principal Threat Researcher Sean Gallagher.


Emotet retains hold as most prevalent malware


Notorious botnet Emotet has held on to its spot as the most widely used malware, according to the latest Global Threat Index from Check Point Research (CPR).

The news comes despite a 50% drop in its global impact in July compared to June. CPR estimates that it affects 7% of organisations worldwide.

In addition, CPR warned that the botnet has added new features and capabilities, such as a newly developed credit card stealer module and adjustments to its spreading systems.

Emotet’s popularity comes in spite of its previous ‘deletion’ from the internet. As part of a major police operation at the start of 2021, infrastructure used to deliver the botnet was seized and people accused of being behind it were arrested.

This led to an update being delivered to all infected machines to disable Emotet, and its control servers were terminated.

Authorities hoped that this would lead to the death of one of the most prolific botnets in the world, estimated to be operating on around one million devices worldwide.

However, it has resurged and regained its position as the top malware threat.

Other than Emotet, CPR identified several other movements in the global malware ecosystem in July.

Formbook is the second most prevalent form of malware, affecting 3% of organisations worldwide. First detected in 2016, this infostealer targets Windows OS where it harvests credentials from various web browsers, collects screenshots, monitors and logs keystrokes, and can download and execute files.




Snake Keylogger, a credential stealer, fell from third to eighth place. The month before, it was being spread via malicious Word documents, so the decrease in its prevalence could be due in part to Microsoft’s recent confirmation that it will block macros by default.

Replacing it in third place is XMRig, open-source CPU software used to mine cryptocurrency – this indicates that cybercriminals are fundamentally ‘in it for the money’ despite any higher motivations they may claim, such as hacktivism.

Malibot, which was new to CPR’s report last month, remains a threat to users of mobile banking as it is still the third most prevalent mobile…


Prevalent Enhances Platform Essentials with Unlimited Third-Party Ransomware and ESG Assessments


Third-Party Risk Management Leader Helps Organizations Proactively Protect Against Prominent Threats

PHOENIX, Aug. 26, 2021 /PRNewswire/ — Prevalent, Inc., the company that takes the pain out of third-party risk management (TPRM), today announced crucial enhancements to its Platform Essentials solution enabling organizations to be more proactive in assessing third-party risks. These enhancements will enable organizations to achieve two important goals – immediately determining if a ransomware vulnerability affects their supply chain, and performing ESG assessments for their entire vendor population. This extended visibility on ransomware and ESG can help build a more comprehensive vendor risk profile that can be used to drive vendor profiling and tiering exercises.

Prevalent Inc. Logo (PRNewsFoto/Prevalent Inc.)


“Third-party risk management professionals don’t have to look far to read about two of the most prominent risks facing their organizations today – ransomware and environmental, social and governance (ESG),” stated Alastair Parr, senior vice president of global products and risk for Prevalent, Inc. “Although different, each risk can result in significant business disruption or reputational damage if not properly managed. Once it became evident that these threats could affect organizations of all sizes, we quickly dedicated resources to enhance Platform Essentials, ensuring our customers could proactively protect against these risks while informing tiering decisions.”

Prevalent Platform Essentials is a SaaS solution for centralized onboarding, profiling, tiering and scoring of inherent risks across all third parties, and features these important capabilities:

  • Flexible vendor onboarding: Spreadsheet upload or API with supporting enterprise intake process

  • Inherent risk scoring: Out-of-the-box profiling and tiering assessment, including cyber and non-cyber content

  • Comprehensive profile: Includes industry and business insights, beneficial ownership, ESG scores from 12,000+ publicly-listed entities, and mapping of 4th-party relationships

  • Topical assessments: Determine ransomware risk and ESG policy adherence with standardized assessment templates

  • Risk register: Centrally visualize…


Zero-Day Exploits Are Most Prevalent Attack in Hybrid Cloud Environments, according to Capsule8-Sponsored Study

  1. Zero-Day Exploits Are Most Prevalent Attack in Hybrid Cloud Environments, according to Capsule8-Sponsored Study  GlobeNewswire (press release)
