37.8 C
Saturday, May 18, 2024

UAE business: Cybercriminals show remarkable resilience: ESET report


Cybercriminals are demonstrating remarkable adaptability and seeking new attack vectors, exploiting vulnerabilities, gaining unauthorized access, exfiltrating sensitive information and defrauding individuals.

In addition, global cybersecurity firm ESET released its latest threat report, saying sextortion scam emails are making a comeback and there is an alarming rise in deceptive Android loan apps.

One of the reasons for the shift in attack patterns is the introduction of stricter security policies by Microsoft, especially with regard to opening macro-enabled files, which summarizes the threat landscape trends seen in ESET telemetry from December 2022 to May 2023.

Shrink the attack surface

ESET telemetry data also suggests that the operators of the once-infamous Emotet botnet have struggled to adapt to a shrinking attack surface, which could indicate another group’s acquisition of the botnet. In the ransomware space, attackers are increasingly reusing previously leaked source code to build new ransomware variants.

The first half of 2023 saw a resurgence in sextortion email scams, with ESET observing an alarming increase in the number of deceptive Android loan apps.

In a new attempt to bypass Microsoft’s security measures, attackers replaced Office macros with weaponized OneNote files in the first half of 2023, taking advantage of the ability to embed scripts and files directly into OneNote, according to the report.

In response, Microsoft tweaked the default settings, prompting cybercriminals to continue to explore alternative intrusion vectors, and ramping up brute force attacks against Microsoft SQL servers may be one of the tested alternatives.

override variant

“The leak of source code for ransomware families like Babyk, LockBit, and Conti, which allowed amateurs to engage in ransomware campaigns, but also allowed us as defenders to cover a wider range of variants in a more general or sophisticated way .a known set of detections and rules,” said Roman Kováč, Chief Research Officer at ESET.

While the cryptocurrency threat in ESET telemetry has been steadily declining, not even revived by the recent rise in the value of Bitcoin, cryptocurrency-related cybercriminal activity persists, with cryptocurrency mining and cryptocurrency stealing capabilities increasingly Incorporate more into more general malware.

This evolution follows patterns observed in the past, such as keylogger malware being initially identified as a separate threat but eventually becoming a common feature of many malware families.

Looking at other threats focused on financial gain, ESET researchers have seen a resurgence of so-called sextortion scam emails, exploiting people’s fears about their online activities, as well as masquerading as legitimate personal loan services and exploiting fraudulent Android loan apps amazing growth. Vulnerable people with urgent financial needs. — trade arab news agency


Source link

Related Articles

Meta Controversy: Elon Musk Accuses Mark Zuckerberg’s Company of ‘Super Greed

Meta's Controversy: Elon Musk Accuses Mark Zuckerberg's Company of 'Super Greed' In a surprising turn of events, tech titan Elon Musk has publicly accused Meta,...

Best Russian Spas in Dubai

Indulge in Luxury: Discover the Best Russian Spas in Dubai Dubai, renowned for its opulent lifestyle and unparalleled luxury experiences, is also home to some...

Google Gemini Unveils Plans for Present Solutions and Future Complexity

Google's Future Vision: Google Gemini Unveils Plans for Present Solutions and Future Complexity In a strategic move aimed at addressing present challenges and anticipating future...

What are the benefits of electronic signature?

What are the benefits of electronic signature? If you run a business, your signature is used in day-to-day transactions. Whether you deal with contract management...

SGX FX partners with Rand Merchant Bank (RMB) as its newest liquidity provider

SGX FX partners with Rand Merchant Bank (RMB) as its newest liquidity provider 16th May 2024, SGX FX, through its eFX trading solutions platform for global...

Latest Articles