Tag Archive for: vectors

Could attack vectors used in Russia and Ukraine cyberattacks target Southeast Asia?  


A myriad of attack vectors continue to cause problems for organizations today. In fact, the two biggest for organizations for years have been malware and ransomware.

According to Fortinet’s FortiGuard Labs Global Threat Landscape Report, threat intelligence from the second half of 2021 revealed an increase in the automation and speed of attacks demonstrating more advanced persistent cybercrime strategies that are more destructive and unpredictable.

The report also showed that threat actors continue to attack organizations with a variety of new as well as previously seen ransomware strains, often leaving a trail of destruction. Old ransomware is being actively updated and enhanced, sometimes with wiper malware included, while other ransomware is evolving to adopt Ransomware-as-a-Service business models.

Russia’s invasion of Ukraine defines exactly what modern warfare involving attack vectors is all about. While armed conflict on the ground continues to be the main focus, the cyber warfare in the conflict is probably the biggest ever witnessed in the world.

Both countries have been using hackers and cybercriminals to launch cyber attacks on each other. While the world’s largest cybercriminal groups have pledged their support to Russia, Ukraine has appealed to hackers and hacktivists in the hacker network to defend them and also launch counter-attacks.

Both sides have been getting positive responses from the hackers. Hacker groups like Anonymous have already launched several successful cyberattacks on Russia while pro-Russian ransomware gangs have also crippled infrastructures and websites in Ukraine.

One attack vector that has been making headlines is the Hermetic Wiper malware. The malware can wipe out all the data on the system it has infected. What makes it more concerning is that the deleted data is unrecoverable. Some cyber security experts feel that this malware has spread widely and could potentially wreak havoc outside of Ukraine.

While the malware is focused on Ukraine, there is a strong possibility that the attack vector could be adopted by cybercriminals to launch attacks in other parts of the world. For example, Southeast Asian businesses, which are prone to…


An Overview of Website Reinfection Vectors


The website security landscape is as complicated as it is treacherous. We often deal with clients who become reinfected over and over again. Once the attackers establish a foothold in an environment and recognize that a website is vulnerable, you can guarantee that they will be back to try to reinfect the website.

Our website firewall is designed to protect websites from attack and infection, but there are many different ways that attackers establish their presence in a compromised environment. A website firewall is but one aspect of a larger defense-in-depth strategy to protect your website!

In this post I will review some of these other attack vectors and some ways that website owners can protect their sites from becoming reinfected.

First, let’s review how our web application firewall (WAF) works

Our firewall service acts as a reverse proxy. Essentially, it sits between visitors and the web server and acts as a sort of “gateway” for the traffic coming to your website. At its core it is a pretty straightforward concept: block bad traffic, allow good traffic. Attacks such as SQL injections, cross-site scripting (XSS) and DDoS attacks will get blocked by our generic rules. Any known exploits against vulnerable website software such as plugins, themes and core files should also be blocked. However, our firewall is a very complicated product with a lot of different features! Let’s take a look at some of them:

 

Our firewall is designed to be platform agnostic. That is, it will work with any CMS platform. It doesn’t matter if your website is using WordPress, Magento, Joomla, OpenCart or any of the other CMS platforms available on the web; our firewall can be used to protect your website from attacks.

Different CMS platforms vary greatly from one another and work in very different ways. Since it is not specific to any platform, the basic firewall rules that apply across the board need to be generic enough to not interfere with the routine operations of normal website traffic. So, out-of-the-box it should be tailored to your website and the CMS it is based on to improve security!

Different CMS platforms have different admin panel URLs and the firewall needs to be configured to work…


97% of organisations globally faced mobile threats from several attack vectors in 2020: Report


Mobile attacks are on the rise, according to a report by cybersecurity firm Check Point Software Technologies Ltd

According to Check Point’s 2021 Mobile Security Report, “the move to mass remote working during the Covid-19 pandemic saw the mobile attack surface expand dramatically.”

97 per cent of organisations in 2020 faced mobile threats that used multiple attack vectors.

Almost every organisation experienced at least one mobile malware attack in 2020. 93 per cent of these attacks originated in a device network, which attempts to trick users into installing a malicious payload via infected websites or URLs, or to steal users’ credentials, the report said.

Mobile malware

In India, there has been a staggering 845 per cent increase in mobile attacks since October 2020. The total number of mobile attacks in India in Oct 2020 was 1345. The total number of mobile attacks in India in March 2021 was 12719, as per Check Point.

Globally, 46 per cent of organisations had at least one employee download a malicious mobile application that threatened their organisation’s networks and data in 2020. Furthermore, as per Check Point’s Achilles research, at least 40 per cent of the world’s mobile devices are inherently vulnerable to cyberattacks due to flaws in their chipsets, and need urgent patching.

The report further noted the increase in mobile malware. In 2020, Check Point found a 15 per cent increase in banking Trojan activity. In such attacks, users’ mobile banking credentials are at risk of being stolen.

“Threat actors have been spreading mobile malware, including Mobile Remote Access Trojans (MRATs), banking trojans, and premium dialers, often hiding the malware in apps that claim to offer COVID-19 related information,” it said.

Advanced Persistent Threat groups are also targeting mobile devices.

“Individuals’ mobiles are a very attractive target for various APT groups, such as Iran’s Rampant Kitten, which has conducted elaborate and sophisticated targeted attacks to spy on users and steal sensitive data,” it explained.

“As we have seen in 2020, the mobile threat landscape has continued to expand with almost every organisation now having experienced an attack,”…


5 Common Cybercrime Attack Vectors and How to Avoid Them


The threat landscape has significantly expanded with the proliferation of the internet and digital connectivity. As of March 2020, there were more than 677 million new malware detections. This figure by Statista indicates a growing threat of cyberattacks against individuals and businesses.

Cybercriminals take advantage of cyberattack vectors to bypass your basic security defenses. These vectors fall into several categories, each of which uses a different approach to compromise your system’s security.

In this post, we’ll take you through some of the most common vectors of attacks and the countermeasures you can take to effectively combat these threats.
