38 C
Friday, September 22, 2023

UAE business: Cybercriminals show remarkable resilience: ESET report


Cybercriminals are demonstrating remarkable adaptability and seeking new attack vectors, exploiting vulnerabilities, gaining unauthorized access, exfiltrating sensitive information and defrauding individuals.

In addition, global cybersecurity firm ESET released its latest threat report, saying sextortion scam emails are making a comeback and there is an alarming rise in deceptive Android loan apps.

One of the reasons for the shift in attack patterns is the introduction of stricter security policies by Microsoft, especially with regard to opening macro-enabled files, which summarizes the threat landscape trends seen in ESET telemetry from December 2022 to May 2023.

Shrink the attack surface

ESET telemetry data also suggests that the operators of the once-infamous Emotet botnet have struggled to adapt to a shrinking attack surface, which could indicate another group’s acquisition of the botnet. In the ransomware space, attackers are increasingly reusing previously leaked source code to build new ransomware variants.

The first half of 2023 saw a resurgence in sextortion email scams, with ESET observing an alarming increase in the number of deceptive Android loan apps.

In a new attempt to bypass Microsoft’s security measures, attackers replaced Office macros with weaponized OneNote files in the first half of 2023, taking advantage of the ability to embed scripts and files directly into OneNote, according to the report.

In response, Microsoft tweaked the default settings, prompting cybercriminals to continue to explore alternative intrusion vectors, and ramping up brute force attacks against Microsoft SQL servers may be one of the tested alternatives.

override variant

“The leak of source code for ransomware families like Babyk, LockBit, and Conti, which allowed amateurs to engage in ransomware campaigns, but also allowed us as defenders to cover a wider range of variants in a more general or sophisticated way .a known set of detections and rules,” said Roman Kováč, Chief Research Officer at ESET.

While the cryptocurrency threat in ESET telemetry has been steadily declining, not even revived by the recent rise in the value of Bitcoin, cryptocurrency-related cybercriminal activity persists, with cryptocurrency mining and cryptocurrency stealing capabilities increasingly Incorporate more into more general malware.

This evolution follows patterns observed in the past, such as keylogger malware being initially identified as a separate threat but eventually becoming a common feature of many malware families.

Looking at other threats focused on financial gain, ESET researchers have seen a resurgence of so-called sextortion scam emails, exploiting people’s fears about their online activities, as well as masquerading as legitimate personal loan services and exploiting fraudulent Android loan apps amazing growth. Vulnerable people with urgent financial needs. — trade arab news agency


Source link

Related Articles

Former UK PM David Cameron at Port City Colombo UAE Roadshow

Port City Colombo to hold UAE Roadshow for global investors. Former UK PM David Cameron will discuss ties between the UAE, Indo-Pacific, and Sri...

“Game of Thrones” creator and authors sue OpenAI for copyright violation

John Grisham, Jodi Picoult, and George R.R. Martin, along with 14 other authors, are suing OpenAI for what they claim is "systematic theft on...

Watch: Dubai real estate agents queue for Palm Jebel Ali villa sales

Dubai's newest waterfront project, Palm Jebel Ali, has caused a significant stir. Hundreds of real estate agents and potential buyers formed long lines outside...

Indian rupee nears historic lows, faces more pressure.

The Indian rupee, near a record low, faces ongoing pressure due to factors like crude oil prices and the US Federal Reserve's policy decision....

Emirates Gold acquired by Rockfire Resources plc

Emirates Gold DMCC, a leading UAE precious metals refining company, has announced its acquisition by Rockfire Resources plc. This acquisition encompasses all aspects of...

Latest Articles