Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Did you know that nearly 560,000 new instances of malware are detected every day? As cybersecurity advances, threat actors develop malware with new tricks that exploit weaknesses in an IT environment. Once the malware finds a loophole, it spreads exponentially like a disease, corrupting files, exfiltrating data, redirecting traffic to other destinations, and performing other malicious activities. Malware can spread at a jaw-dropping rate.

A botnet is a network of malware-infected devices used to launch coordinated attacks either against a single target, like during a DDoS attack, or multiple targets like during email phishing attacks. All infected machines in a botnet are remotely controlled by a single cyber attacker that could be located anywhere in the world.

Details about cyberattacks on small-and-medium-sized businesses (SMBs) may not make it to the headlines, but numerous industry reports and surveys have highlighted the grim reality of the SMB cybersecurity landscape. Even before the COVID-19 pandemic, SMBs were largely targeted by adversaries1.

The COVID-19 crisis prompted a spike in ransomware attacks, which was expected, to say at least. In fact, Checkpoint research shows that in Q3 2020, there was a 50% increase in ransomware attacks compared to earlier periods of this year. And while this wave of ransomware attacks was anticipated, not all organizations were reinforced enough to repel these attacks with proper resources and technologies.

Cyberint Research observed several unsolicited malicious email (malspam) campaigns in August 2021 through which Masslogger was delivered. First noticed around April 2020, Masslogger is a popular.NET credential stealer used to gather credentials from victims for various applications, and is readily available to purchase on cybercriminal forums for around $100 (US).

The Sysdig Security Research team has identified a Cryptominer attack hitting a Kubernetes pod running WordPress, related to the recent Botnet Sysrv-Hello. The goals of the attack were to control the pod, mine cryptocurrency, and replicate itself from the compromised system. In particular, the attackers targeted a misconfigured WordPress to perform initial access.

The 2021 ICO Annual Report highlights areas of concern for UK organisations, including the rise of ransomware, the constant threat of email phishing, and the lack of public faith in companies’ handling of data. Let’s dive into some of the more interesting findings from the regulatory body’s latest report.

In late 2020, SolarWinds was the victim of a cyberattack that spread to their clients and went undetected for months. The foreign entities were able to add malicious code into the Orion system and gain access to companies of all sizes and across industries. The malicious code was distributed to all of the systems via a routine software update. Attacks like this are becoming increasingly frequent, amplifying the importance of security solutions that can quickly detect a potential breach.