In the first half of 2021, average ransomware demands surged by 518%, while payments climbed by 82%. There has been a growing number of attacks in healthcare, with 560 healthcare facilities hit by ransomware last year in the U.S. alone. As new attacks generate headlines each week, we get real-world use cases for how ransomware proliferates in diverse ways, including social engineering attacks and exploitation of vulnerabilities.
Co-authored by Zhi Xu and Matt Allen We are proud to share that Netskope Threat Protection has received the 2021 On-Demand Malware Detection certification from prestigious SE Labs for a third consecutive year. Specifically, Netskope performed 100% threat detection on both known malware samples and unknown malware samples during tests conducted in December 2021, with a 0% false-positive rate.
The Elastic Security team identified a noteworthy cluster of malicious activity after reviewing our threat prevention telemetry. A valid code signing certificate is used to sign malware to help the attackers remain under the radar of the security community. We also discovered a novel malware loader used in the campaign, which we’ve named BLISTER. The majority of the malware samples observed have very low, or no, detections in VirusTotal.
The success of a modern business is heavily reliant on the network of which its computers and employees operate. With many risks looming online, a secured operating system and network are critical for most businesses to perform to their full ability. One of the most prolific threats to modern business is ransomware.
Ransomware is on the rise and shows no signs of slowing. In the past year alone, major ransomware attacks have hit just about every major industry, including health care, physical infrastructure, digital infrastructure, and food. It’s no longer a matter of if, but when an organization will be attacked, which is why most companies now spend considerable resources to defend against ransomware attacks.
Ransomware attackers today have the technical skill and tools to analyze a target’s defenses and like a band of guerilla operatives attacking a more power adversary, the attackers avoid the teeth of the defense and hit their victim at its weakest point. All while layering in new tactics to force their victims to pay a ransom. To be prepared for this threat, an organization must have a plan in place to deal with the myriad of new tricks ransomware attackers have developed over the last few years.
While many organizations are patching the two recent Apache Log4j vulnerabilities (CVE-2021-44228 and CVE-2021-45046), attackers have been racing to exploit them to deliver malware, such as botnets, backdoors, and cryptominers. Among the threats delivered using Log4Shell exploits, a new ransomware family was found by Bitdefender: Khonsari.
CrowdStrike Falcon Pro™ has won another Approved Business Security Product award from AV-Comparatives, the second in 2021, scoring the highest 99.9% protection rate in the AV-Comparatives Real-World Protection Test. AV-Comparatives is a leading independent third-party testing organization that tests the efficacy of endpoint security solutions to offer insight into how endpoint security solutions detect and protect against real-world threats.
In September 2021, Tripwire released its annual report to examine the actions taken by the U.S. federal government to improve cybersecurity. The report also looks at non-government organizations so that we may catch a glimpse of the differing views and approaches of each, which makes for interesting (and revealing) insights.
According to IBM’s Cost of a Data Breach Report 2021, the global average cost of a data breach is estimated to be $4.24 million. Cyberattacks cost organizations time and money, not only in the form of data loss but also through irreversible damage to their reputations, leading to the loss of customers. After security breaches, customer loyalty is almost impossible to regain.
This is part 3 of Trustwave’s 2022 Cybersecurity Predictions blog series brought to you by our APAC team. In 2021, the cybersecurity industry was truly tested. Most notably, we uncovered the deeper fallout from the SolarWinds attacks, combatted the proliferation of advanced ransomware gangs and a surge in vulnerability exploitation, and saw fragile supply chain and critical infrastructure more targeted by attackers than ever.
COVID-19 made moving agency employees and services off-premises essential. This move, however, has also sparked one of the biggest waves of cybercrime the internet has ever seen. Ransomware attacks have been particularly effective against government agencies and critical infrastructure.
In 2020, I published an AT&T blog called “Top Cybersecurity Trends & Predictions for 2020’”. In the article I had forecasted that cybersecurity would become even more of a strategic priority for companies as the cost, sophistication, and lethality of breaches would continue to rise.
The Sysdig Threat Research Team has detected an attack that can be attributed to the TeamTNT. The initial target was a Kubernetes pod exposed outside the network. Once access was gained, the malware attempted to steal AWS credentials using the EC2 instance metadata. TeamTNT is a threat actor that conducts large-scale attacks against virtual and cloud solutions, like Kubernetes and Docker.
Finland’s National Cyber Security Centre (NCSC-FI) has issued a warning about malicious SMS messages that have been spammed out to mobile users, directing iPhone owners to phishing sites and Android users to download malware. The messages are written in Finnish but without the customary accented characters. In some instances, the messages pose as a notification that the user has received a voicemail message, or a communication from their mobile network provider.
This is part 2 of Trustwave’s 2022 Cybersecurity Predictions blog series. In 2021, the cybersecurity industry was truly tested. Most notably, we uncovered the deeper fallout from the SolarWinds attacks, combatted the proliferation of advanced ransomware gangs and a surge in vulnerability exploitation, and saw fragile supply chain and critical infrastructure more targeted by attackers than ever.
