Tag Archive for: Surge

Apple secures WebKit as global ransomware attacks surge


If nothing else, Apple’s most recent emergency security update should be considered proof of an increasingly tense security environment.

Enterprises must understand that while Apple maintains a pretty solid ecosystem — certainly at present the most secure, even according to Cisco — that doesn’t mean it’s entirely safe, and every Apple customer needs to get wise to the growing proliferation of threats.

With more and more business users turning to the company’s solutions, it’s important to get ahead of the threat.

What is the current threat environment?

The latest Orange Cyberdefense Security Navigator Report claims a global 46% surge in cyber-extortion attacks across the last year — and warns that just over a third (37.45%) of detected incidents originated from internal actors, not all of these by accident.

With employees and trusted insiders remaining the soft vulnerable point for a third of attacks, it’s essential every business and every user spend time learning about the best approach to online security.

The Orange report points out that attacks are taking place at strategic points in the supply chain. It warns that larger enterprises are the most targeted entities, and points to a surge in attacks against the manufacturing sector.

Ransomware, it seems, has become so prevalent that some of the more organized groups now host help desks targets can contact for assistance — and to arrange payment and data recovery.

Weaponizing WebKit

Keep these findings in mind as you consider Apple’s latest emergency security updates. Released at the end of November, these address two zero-day vulnerabilities (CVE-2023-42916 and CVE-2023-42917) that have been exploited by hackers to access sensitive information on Apple devices and/or to execute arbitrary code by using malicious webpages to take advantage of a memory corruption bug.

Michael Covington, vice president of portfolio strategy at Jamf, explained:

“These latest OS updates, which address bugs in Apple’s WebKit, show that attackers continue to focus on exploiting the framework that downloads and presents web-based content. The latest bugs could lead to both data leakage and arbitrary…


NSFOCUS reveals alarming surge in DDoS attacks in 2022 report


NSFOCUS has published its 2022 Global DDoS Attack Landscape Report. The report contains in-depth findings to aid organisations and users in defending against DDoS attacks.

The report reveals that the DDoS attack landscape is becoming increasingly difficult to navigate. The number of DDoS attacks has notably surged in 2022, with the frequency of terabit-level attacks increasing to approximately 40. Attacks greater than 100 Gbps also reached record levels, with attacks of that scale being reported on an hourly basis. The research analysis shows that the incidence of recurring IP address attacks in 2022 was significantly higher than in 2021, meaning that once identified as a target, a victim is likely to experience repeated DDoS attacks. This continually evolving threat landscape poses fresh obstacles to DDoS protection.

According to the report, UDP-based DDoS attacks were the most prevalent tactic used by cybercriminals, accounting for about 60% of total DDoS threat incidents in 2022. Quite alarmingly, virtually all terabit-level DDoS attacks were found to be UDP-based, including two-thirds of non-reflective UDP attacks. These findings signal that contemporary threat actors have at their disposal an incredibly rich pool of attack resources and can initiate terabit attacks without needing UDP reflection to boost traffic. The rapidly reoccurring colossal DDoS attack trend is now surpassing the capability of on-premises solutions across industries.

The report also draws attention to the growing menace of application-layer DDoS attacks. These attacks are more challenging to identify and shield against as they establish reliable TCP connections, making the attack source IP addresses unforgeable. The report warns that if a large number of application-layer attack source IP addresses remain active in a particular region, it is a significant indication that botnets are operating there.

As has been the case in previous annual DDoS attack landscape reports, NSFOCUS continuously monitors the activity of botnet families. The 2022 report identifies Mirai as the most threatening botnet, accounting for over half of all botnet activities and having the greatest number of…


Rise in global cyberattacks, ransomware threats surge, healthcare and APAC most affected


According to a recent comparative study by Check Point Research covering the first nine months of 2023 and 2022, global cyberattacks have increased. The report reveals that average weekly global cyberattacks are 3% higher this year than in the prior year.

Among the numerous cybersecurity threats, ransomware remains prominent, affecting 1 in every 34 organisations, a 4% surge from 2022. North America experienced the highest increase of 25% compared to 2022. The healthcare industry, accompanied by the Asian-Pacific (APAC) region, also witnessed significant year-on-year spikes in average weekly cyberattacks.

In the health sector, approximately 1613 weekly attacks have been recorded, amounting to an 11% year-over-year increase. The APAC region also saw a rise in cyber-attack attempts, marking a 15% increase YoY.

Emphasising the severity of ransomware threats, the report illustrates that one out of every 34 organisations worldwide encountered such an attack attempt, indicating a 4% surge compared to the same timeframe last year.

Over the past year in North America alone, there was a significant rise of 25% in ransomware attacks, making it the region with the highest increase. Reports show ransomware threats are growing due to several factors such as the lucrative business model it offers to cybercriminals, increasing use of sophisticated techniques, rise of Ransomware-as-a-Service (RaaS) platforms, and weak cyber hygiene in many organisations.

Notably, many of the most impacted industries encompass critical infrastructure and services. The Utilities sector, which experienced a dramatic 26% increase in ransomware impact over the last year, is a prominent example.

Altogether, the figures underline the rapidly evolving and complex landscape of cyber threats on a global scale. Highlighting the importance of robust and proactive security measures, the report encourages organisations to invest further in IT resources, upgrade legacy systems, and most importantly, train their employees to identify and avoid common cyber threats.


Surge in Hospital Hacks Endangers Patients, Cyber Official Says


BOSTON—A record year for cyberattacks on U.S. hospitals is putting patients in danger, as hospitals struggle to cope with disabled equipment and frozen data, an official from the American Hospital Association warned Thursday.

Hackers, especially ransomware groups, are routinely taking down medical applications and internet connections, and freezing up patient and operations data, John Riggi, national adviser for cybersecurity and risk at the AHA, said, speaking at a meeting of the Healthcare Information and Management Systems Society. 

“Email and phones go down. Backup computers generally don’t work or have only about three days of data on them,” Riggi said. “We have seen this consistently,” he told the audience of healthcare technology and cyber leaders. 

Healthcare companies, including well-known national hospital operators, continue to be battered by hackers. Services remain disrupted at hospitals owned by private-equity firm Prospect Medical Holdings since a cyber incident in early August. Prospect didn’t immediately respond to a request for comment. 

Scripps Health, a large San Diego-based care provider, sent some patients to two emergency departments at two area hospitals when it was hit with ransomware in 2021. The move caused care delays and increased patient wait times at those facilities, a study in the Journal of the American Medical Association showed. 

Since January, the medical data of more than 61 million people has been stolen or exposed in more than 400 cyberattacks, according to statistics from the U.S. Department of Health and Human Services. This vastly outpaces activity in 2022 and 2021.

The average number of patients affected in a hack is 180,000, tripling in the past three years, Riggi said. Most of the data is stolen from network servers and email accounts, as opposed to electronic medical records, he said, which indicates hospitals aren’t taking care to encrypt most of the information. 

That these attacks also disable radiology, scanning and other equipment used to diagnose strokes and treat…
