Tag Archive for: Shifting

Shifting Targets of Cyberattacks from Governments to Big Tech

/in


  • In recent months, bad actors seem to be modifying their modus operandi. State-sponsored cyber attackers were expected to target governments primarily, particularly owing to growing global tensions; cyberattacks have increasingly shifted their focus toward big tech companies.
  • This shift highlights changes in the global geopolitical landscape and emphasizes the vital role of technology in modern society. Understanding the change and its implications is critical to devising and implementing effective strategies to minimize cyber threats.

The evolving threat landscape

Historically, cyber warfare has largely targeted government assets, with threat actors sabotaging sensitive data, critical infrastructure, and strategic assets. Cyber espionage and sabotage have often been conducted by state-sponsored actors whose objectives were primarily aligned with military, political, or economic gains. The Stuxnet worm, which is believed to be developed jointly by the United States and Israel, targeting Iran’s nuclear program, is one such example.

However, as technology has become increasingly intertwined with all aspects of modern life, the landscape of cyber threats has also experienced an evolution. Tech companies possess massive repositories of valuable information, including financial records, personal information, trade secrets and other intellectual property.

These businesses have become critical to the global economy and have a substantial influence on multiple areas of specialization. This makes them attractive targets for cybercriminals seeking geopolitical advantage, pushing ideological motives, or financial gain.

See More: 5 Serious Repercussions of Targeted Cyberattacks on Business Leaders

Factors that make tech companies a target

One of the key reasons behind the shift in targets is the value of the data held by big tech companies. With the rapid spread of cloud computing and digital services, companies like Facebook, Google, Microsoft and Amazon have collected massive volumes of data ranging from behavioral patterns and user preferences to proprietary algorithms and sensitive corporate data that have become a very lucrative target for cybercriminals.

In the last year…

Source…

Why Hacker Tactics Are Shifting To Cookie Theft: Expert

/in


As more organizations adopt multifactor authentication, theft of browser cookies is becoming a go-to method for attackers to bypass the security measure, says Sophos Global Field CTO Chester Wisniewski.


As more organizations adopt multifactor authentication (MFA), the theft of web browser cookies is turning into a go-to method for attackers seeking to subvert the security measure, according to a top security researcher.

To combat the massive risk posed by stolen or compromised passwords, MFA—which requires a second form of authentication beyond username and password—has long been considered harder to defeat than password-only logins and is an essential part of cyberdefense.

[Related: 10 Major Cyberattacks And Data Breaches In 2023]

Organizations have gotten the message, and MFA is now increasingly commonplace even among small and midsize businesses. But because browser cookies are sometimes configured to allow logging in without triggering an MFA challenge, theft of the web session data is proving to be an ideal workaround for attackers, said Sophos Global Field CTO Chester Wisniewski.

“More and more small businesses are adopting good security practices, like multifactor [authentication],” Wisniewski told CRN. “But if I can get onto one computer and steal those cookies, I don’t need to worry about multifactor anymore. I can just bypass the authentication entirely.”

Ultimately, “the cookie is the universal key that unlocks everything,” he said.

The growth of this tactic among threat actors is underscored by findings from the recently released 2024 Sophos Threat Report, including the discovery that nearly all attacks tracked in the report—90 percent—included the use of infostealer malware. The percentage of attacks involving infostealers had not been tracked in previous years since it was seen as a significantly smaller concern, Wisniewski said.

And while the tools can be used to steal passwords, attackers are frequently using the malware to obtain browser cookies, he said. “I think…

Source…

Darktrace says Cyber threats shifting towards as-a-service tools

/in


The latest End of Year Threat Report by Darktrace indicates a significant shift in cyber threats and attack methods over the last half of 2023. The report draws attention to an increasing reliance by cybercriminals on as-a-service tools and underscores evolving attacker strategies.

According to the findings, as-a-service attacks continue to be the primary threats, with Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) representing the major portion of tools wielded by cybercriminals. These services provide criminals with functionalities such as pre-made malware, payment processing systems, and phishing email templates, thus enabling attackers who lack sophisticated technical expertise to launch attacks.

The most prevalent as-a-service tools recorded by Darktrace from July to December 2023 include malware loaders, accounting for 77% of investigated threats. These are followed by cryptominers (52% of investigated threats) that use infected devices for cryptocurrency mining and botnets (39% of investigated threats) that enrol users in wider networks of compromised devices for large-scale attacks. Information-stealing malware, designed to clandestinely access and gather sensitive data, comprised 36% of examined threats while proxy botnets made up 15%.

The study shed light on the fast-growing threats replacing Hive ransomware, previously identified as one of the major Ransomware-as-a-Service attacks in 2023. When Hive was dismantled by the US government in January 2023, there arose a void which was quickly filled by threats such as ScamClub, known for spreading fake virus alerts to leading news sites and AsyncRAT, lately responsible for attacks on US infrastructure employees.

In the period between 1st September and 31st December 2023, Darktrace detected 10.4 million phishing emails. However, alongside traditional methods such as phishing, cyber criminals are adopting more sophisticated strategies designed to sidestep traditional security parameters. The report cites the rise of Microsoft Teams phishing as an example of these advances. In this method, attackers impersonate co-workers to trick employees into clicking harmful links deployed in the Teams…

Source…

The Shifting State of Android Security

/in

  1. The Shifting State of Android Security  PCMag

  2. Google took down over 700000 bad Android apps in 2017  The Verge
  3. Google credits AI for stopping more rogue Android apps in 2017  Engadget
  4. How Google fights Android malware  ZDNet

    5. Full coverage

android security news – read more