Cisco Talos Report: New Trends in Ransomware, Network Infrastructure Attacks, Commodity Loader M…

Tech Republic – Cedric Pernet
The Cisco Talos Year in Review report underscores emerging trends in the cybersecurity threat landscape, focusing on three main areas: ransomware cybercriminal ecosystem shifts, rising attacks on network infrastructure, and the evolution of commodity loader malware.
Ransomware Cybercriminal Ecosystem:
– Notable shift to data theft extortion model rather than encryption-based attacks
– The healthcare and public health sector was the most targeted, due to underfunded cybersecurity budgets and valuable health information
– Ransomware groups such as LockBit, ALPHV, and Clop showcased substantial activity, with changing structures and the release of source code and builders contributing to a rise in new ransomware actors
Network Infrastructure Attacks:
– Increased attacks on networking devices observed, particularly by China- and Russia-based groups for espionage and supporting stealthy operations against secondary targets
– Vulnerabilities in network devices with high severity scores were exploited, allowing attackers to capture sensitive network information and establish a foothold in targeted infrastructures
Commodity Loader Malware Evolution:
– Transformation of banking trojans like Qakbot, Ursnif, Emotet, Trickbot, and IcedID into stealthier, lightweight loaders, moving away from their original banking trojan capabilities
– Utilization of new distribution vectors beyond macros, including JavaScript, PowerShell, and HTA files, with threat actors avoiding traditional infection methods
Mitigation Strategies:
– Recommendations for businesses included reviewing access control mechanisms, applying data segmentation for sensitive data storage, updating and patching network devices, deploying multifactor authentication, and educating employees on cautious handling of various file types
– Emphasis on keeping all operating systems and software up to date to avoid common vulnerabilities
Overall, the report emphasizes the importance of adapting mitigation strategies to the evolving threat landscape and underscores updated practices for ransomware, network infrastructure security, and protection from commodity loader malware.
Link: https://www.techrepublic.com/article/cisco-talos-year-end-report/

