Tag: Report

Account takeover attacks ramping up, leading to explosion of phishing

Account takeover attacks (ATO), in which a person’s credentials are stolen and used to send emails from their real account, often result in phishing attacks being sent from the victim’s account, according to a Barracuda Networks report. Out of the 60 total ATO incident recorded, 78% led to phishing emails, said the report.

Barracuda randomly selected 50 organizations to study from April to June 2018. The goal of the study was to analyze ATO attacks, which are much less likely to be blocked by security systems that filter for domain, sender, or IP reputation, said the report.

Read more about the findings of the new Barracuda report on TechRepublic.

3 Drivers Behind the Increasing Frequency of DDoS Attacks

According to IDC Research’s recent US DDoS Prevention Survey, more than 50% of IT security decision makers said that their organization had been the victim of a distributed denial-of-service (DDoS) attack as many as 10 times in the past year.

For those who experienced an attack, more than 40% lasted longer than 10 hours. This statistic correlates with ATLAS findings, which show there were 7.5 million DDoS attacks in 2017 — a rate, says Cisco, that is increasing at roughly the same rate as Internet traffic.

Read more about why DDoS attacks are on the rise on DarkReading.

Why voice fraud rates continue to rise with no signs of slowing down

Pindrop released its annual report detailing developments in fraud, the future of voice and the impact to customer service across various industries. In the report, Pindrop reveals the rate of voice fraud climbed over 350 percent from 2013 through 2017, with no signs of slowing down.

Additionally, between 2016 and 2017, overall voice channel fraud increased by 47 percent, or one in every 638 calls. The year-over-year increase can be attributed to several causes, including the development of new voice technology, the steady uptick in significant data breaches, and acts of fraud across multiple channels.

Read more about the findings of the Pindrop report on Help Net Security.

Security priorities are shifting in response to increased cybersecurity complexity

The increased complexity of the IT environment, combined with increasingly sophisticated attacks and a rapidly evolving threat landscape, is causing organizations to invest more money in cybersecurity and start to focus on the impact of cyber threats and cybersecurity from a business perspective, according to a research report conducted by Enterprise Strategy Group (ESG).

One of the report’s key findings is that in many organizations (96 percent), the traditional role of the CISO has expanded. The primary driver cited for the elevation of the CISO is the increasing difficulty of protecting enterprise data.

Read more about the findings of the new ESG report on Help Net Security.

Retail Sector Second-Worst Performer on Application Security

The retail industry’s cybersecurity preparedness continues to lag behind almost every other sector despite efforts by the major credit card associations to bolster retail security via the Payment Card Industry Data Security Standard (PCI DSS).

Third-party risk management firm SecurityScorecard recently analyzed a total of 1,444 domains in the retail industry with an IP footprint of at least 100 and compared the average SecurityScorecard grade of the retail industry to other vertical markets. The exercise showed the retail industry had the second-lowest application security performance among major sectors.

Read more about the findings of the new report on DarkReading.

Cryptojackers Grow Dramatically on Enterprise Networks

Cryptojacking — threat actors placing illicit cryptocurrency miners on a victim’s systems — is a growing threat to enterprise IT according to a just-released report from the Cyber Threat Alliance (CTA). CTA members have seen miner detections increase 459% from 2017 through 2018 and there’s no sign that the rate of infection is slowing.

The joint paper, written with contributions from a number of CTA members (including Cisco Talos, Fortinet, McAfee, Rapid7, NTT Security, Sophos, and Palo Alto Networks), points out that there is little unique in the methods cryptojackers use to infect their victims; defending against cryptojackers is identical in almost every respect to defending against other threats.

Read more about the findings of the new report on DarkReading.

Access to over 3,000 backdoored sites sold on Russian hacking forum

Hackers are selling access to over 3,000 breached websites on an underground hacking forum for Russian-speaking users, according to a new report by Flashpoint. The forum is named MagBO and is a relative newcomer on the hacking scene, where other services HackForum, Exploit.in, xDedic, Nulled, or Mal4All have already made a name for themselves.

But according to Flashpoint, this forum has its own niche, and that niche is in selling web shells to already-hacked websites. “Essentially, the breached websites host some sort of backdoor that would enable buyers to log in to them,” Vitali Kremez, Director of Research at Flashpoint explained to ZDNet.

Read more about the findings of the new Flashpoint report on ZDNet.

Cybercrime: Ransomware remains a ‘key’ malware threat says Europol

Ransomware remains the top malware threat to organisations, causing millions of dollars of damage and remaining a potent tool for cyber criminals and nation-state attackers. The rise of highly targeted file-locking malware campaigns and the threat posed by nation-state backed campaigns, means ransomware “remains the key malware threat in both law enforcement and industry reporting,” warns Europol’s 2018 Internet Organised Crime Threat Assessment (IOCTA) report.

Ransomware families like Cerber, Cryptolocker, Crysis, CTBLocker, Dharma and Locky are cited among those most damaging to businesses over the past 12 months.

Read more about the findings of the new Europol report on ZDNet.

IoT Threats Triple Since 2017

In the first half of 2018, more than 120,000 modifications in malware attacked Internet of Things (IoT) devices — triple the total in 2017 and more than 10 times for 2016, according to a new report by researchers at Kaspersky Labs.

The report shows that simple, brute-force attacks on passwords were still the most commonly used techniques to breach IoT security, making up at least part of 93% of the attacks seen. Those attacks compromised a wide variety of devices, which were then used for malicious cryptocurrency mining, DDoS attacks, the inclusion of devices in botnet threats, and more.

Read more about the findings of the new report on DarkReading.

 

Military, Gov’t Users Just as Bad At Password Hygiene as Civilians

Military and government users aren’t engaging in password hygiene any better than their brethren in less sensitive, private-sector positions, according to a new study by WatchGuard Technologies, which shows both sides creating weak passwords at about the same rate.

The report analyzed a data dump of 117 weakly encrypted credential pairs protected only with SHA-1 hash functions from a 2012 breach at LinkedIn. The study showed that credential pairs associated with .mil and .gov accounts were easily crackable — within a week — about 50% of the time. This was only slightly less than the rate of weak passwords in pairs associated with civilian accounts, which were at about 52%.

Read more about the findings of the new report on DarkReading.