Tag Archive for: Techniques

Global Email Security Market Forecast Report 2021-2025: New Malware Techniques Drive Market Growth as Organizations Accelerate Cloud Migration Due to the COVID-19 Pandemic – ResearchAndMarkets.com | Business


DUBLIN–(BUSINESS WIRE)–Apr 23, 2021–

This research service analyzes the global email security market.

Email remains the number one threat vector. It is the primary mode of corporate communication and the de facto standard for B2B and B2C communications. During the COVID-19 pandemic, email continues to be the chief channel for business communication, a trend driven by the surge in working from home.

Over the past few years, the complexity and the volume of threats have increased significantly. Email-based threats have become big business; specific verticals and individuals within organizations are targeted. Threat vectors continue to evolve, and the need for secure email has never been stronger. Attackers are more focused on people and less on systems. Business email compromise (BEC) fraud continues to affect organizations, both large and small. Consequently, traditional security solutions that are designed to protect systems and infrastructure are now inadequate.

Sophisticated and highly targeted email-borne attacks are on the rise, and many of these attacks use social engineering techniques. For businesses of all sizes, this is a serious problem as the legitimate communication channel they rely on extensively, email, is also the channel of choice to deliver malware and malwareless attacks. Advanced attacks combine email and cloud accounts. Cybercriminals are also leveraging pandemic-driven fears and uncertainties to launch their attacks.

The most significant trend in the market is the acceleration of the migration to the cloud. Customers are adopting cloud-based mailbox services and moving their email security to the cloud from on-premise appliances. The substantial adoption of Microsoft Office 365 has caused the biggest loss of email security posture for organizations.

As a result, organizations are looking for integrated solutions to increase operational efficiencies while gaining stronger and more comprehensive security. In such a competitive environment, email security vendors must be able to differentiate themselves.

  • Executive Summary – Market Engineering Measurements
  • Executive Summary – CEO’s Perspective
  • Introduction to the…


Ryuk ransomware operation updates hacking techniques


Recent attacks from Ryuk ransomware operators show that the actors have a new preference when it comes to gaining initial access to the victim network.

The trend observed in attacks this year reveals a predilection towards targeting hosts with remote desktop connections exposed on the public internet.

Furthermore, using targeted phishing emails to deliver the malware continues to be a favored initial infection vector for the threat actor.

New trend for initial infection

Security researchers from the threat intelligence boutique Advanced Intelligence (AdvIntel) observed that Ryuk ransomware attacks this year relied more often on compromising exposed RDP connections to gain an initial foothold on a target network.

The actors have been running “large-scale brute force and password spraying attacks against exposed RDP hosts” to compromise user credentials.

Another vector for initial compromise was spear phishing and the use of the BazaCall campaign to distribute malware through malicious call centers that targeted corporate users and directed them to weaponized Excel documents.

AdvIntel researchers say that the Ryuk attackers ran reconnaissance on the victim in two stages. The first stage determines the valuable resources on the compromised domain (network shares, users, Active Directory Organizational Units).

In the second stage, the objective is to find information on the company’s revenue to set a ransom amount that the victim can afford to pay to recover systems.

To enumerate Active Directory information, Ryuk ransomware operators rely on the tried and tested AdFind (an AD query tool) and the post-exploitation tool BloodHound, which explores relationships in an Active Directory (AD) domain to find attack paths.

Getting financial details about the victim relies on open-source data. AdvIntel says that the actors search on services like ZoomInfo for information about the company’s recent mergers and acquisitions and other details that can increase the profitability of the attack.

Additional reconnaissance is carried out using the Cobalt Strike post-exploitation tool that’s become a standard in most ransomware operations and scans that reveal the security products like antivirus…


UCSB Researchers Devising Techniques to Address Vulnerabilities of Smart Devices | UCSB


National Cyber Security Awareness Month provides an opportunity to explore emerging fields in information security. Perhaps none is as overlooked as the rapid emergence of network-enabled smart devices, what researchers call the Internet of Things.

We’re used to thinking about applications on computers, but we are increasingly surrounded by networked devices: voice-activated assistants, smart appliances, Wi-Fi cameras, video doorbells and more. These electronics are the new forefront in cyber security.

Giovanni Vigna focuses on this new frontier. “There is concern that there are a lot of hidden vulnerabilities in these devices,” he said. Vigna, a professor of computer science at UC Santa Barbara, serves as director of the campus’s Center for Cybersecurity and co-director of the Security Lab.

Manufacturers optimize networked electronics for ease of use, and that sometimes comes at the cost of eliminating security features. “Convenience versus security: this has been a tradeoff since the beginning of computing,” Vigna said.

What’s more, if you want your phone to communicate with your bathroom scale, your watch and your thermostat, you have to resort to the lowest common denominator between all the devices, he explained.

“A lot of people think that we can take current security analysis and, with little effort, repurpose it for smart devices. After all, it’s still code,” Vigna said. “But the vast majority cannot be simply repurposed.”

For instance, unlike applications such as Microsoft Word, these programs don’t live in a convenient folder on a hard drive that security experts can access. These gadgets use a variety of different architectures and bespoke hardware. Just extracting the source code is a challenge, Vigna said, let alone analyzing it.

“You actually need new approaches to be able to take this wide variety of targets and execute them and analyze their security,” Vigna explained.

That’s why…


Artificial intelligence: China ‘uses Taiwan for target practice’ as it perfects cyber-warfare techniques – The Times
