Tag Archive for: Spikes

Zero-day exploitation spikes | SC Media


Threat actors actively exploited 97 zero-day vulnerabilities last year, which is more than 50% higher than in 2022 but lower than in 2021, reports BleepingComputer.

Most of the abused zero-days impacted operating systems, mobile devices, and other end-user platforms, according to a joint Google Threat Analysis Group and Mandiant report. While most state-sponsored attacks leveraging the security bugs were attributed to China, nearly half of all identified zero-days were exploited by commercial spyware vendors.

Among the notable spyware actors involved in zero-day exploits were the Intellexa Consortium behind the Predator spyware, the NSO Group behind the Pegasus spyware, and Variston associated with the Heliconia framework.

“Private sector firms have been involved in discovering and selling exploits for many years, but we have observed a notable increase in exploitation driven by these actors over the past several years,” said researchers.

The report comes weeks after the Treasury Department’s Office of Foreign Assets Control imposed sanctions on Intellexa founder Tal Jonathan Dilian.


Ransomware Spikes 130% in January – Digital Transactions


Already, 2024 is starting off with an unrelenting wave of ransomware attacks. The number of attacks last month, as registered by cybersecurity firm BlackFog, increased 130% from January 2023.

Cheyenne, Wyo.-based BlackFog says the 76 attacks noted this January are the second-highest it has ever recorded. The highest number came only in November, when nearly 90 attacks happened. The insidious nature of ransomware can mean companies pay to get their data decrypted by the criminals who scrambled it, and often have expensive follow-up actions to complete.

BlackFog’s data shows that the education sector, at 14, saw the most attacks, followed by healthcare at eight and manufacturing at seven. Finance endured five attacks in January. The data also shows that, in the past few months, ransomware attackers made a decided shift to small and mid-size organizations.

Most attacks still seek to extract data, with 91% of all ransomware having that goal, it says. The average ransom payout is $568,705, down 33% from the third quarter of 2023.

“We are now seeing extortion continue for years after the initial attack, even if the victim paid the initial ransom,” Darren Williams, BlackFog chief executive and founder, says in a statement. “There are so many ways to leverage data once it has been exfiltrated. Lastly, we see that China and Russia continue to dominate as the leading destinations for exfiltrated data, with 18% and 8% respectively.”

Organizations in the United States account for 57% of ransomware attacks, followed by the United Kingdom at 8%, and Singapore at 4%.


Malware disguised as meeting apps spikes 1000% in a year


Cyber threats disguised as video conferencing applications jumped by 1 067% in a year. 

This was revealed by an Atlas VPN analysis of data that was provided by security giant Kaspersky.

As workforces became remote thanks to the COVID-19 pandemic, bad actors, always keen to cash in, began distributing malware using popular meeting applications as a lure.

In March last year, the anti-virus provider detected 90 000 malicious installers hidden under the name of popular meeting applications, and in January 2021, this number jumped to 1.15 million.

For the duration of 2020, malefactors targeted victims with this type of malware around 411 000 times per month. The volume of attacks increased steadily during the year, with noticeable spikes in November and December.

The most popular applications used to disguise malware are Zoom, MS Teams, Slack, Webex, HighFive, Lifesize, Join.me, Flock and GoToMeeting.

Although the applications used to disguise malware are constantly changing, steps to protect against threats remain the same, says Atlas VPN.

What changed is how vigilant everyone needs to be in light of the record-high activity among cyber criminals.

There are countless tricks that fraudsters can use to fool users into clicking on phishing links or downloading attachments. As a rule of thumb, users are advised to ignore all e-mail attachments and links until they can confirm they are the genuine article.

Phishing websites also reached unprecedented levels in the past year, says Atlas VPN. “Google detected a record-high 2.11 million phishing sites in 2020. Looking at the last decade year-by-year, the volume of phishing portals grew by 43% on average.”

Again, whenever directed to a Web site from any link or form, be it Google Ads, e-mail link, or an apparent message from a friend, users are advised to proceed with caution.

“Finally, a huge red flag should also go up if you are browsing a well-known Web site and detect spelling or grammatical errors. Hackers rarely hire professional writers to proofread their texts, which makes this an obvious clue to detect a phishing site.”


Mid-year 2019 SonicWall Cyber Threat Report outlines major spikes in various threats – ITWeb


SonicWall’s mid-year 2019 Cyber Threat Report has cited an alarming 76% and 55% spike in encrypted and IoT attacks respectively. The company …
