One Article Review
| Source |  SecurityWeek |
|---|---|
| Identifiant | 513565 |
| Date de publication | 2018-03-14 15:56:03 (vue: 2018-03-14 15:56:03) |
| Titre | Combatting the Transformation of Cybercrime |
| Texte | The volume of cyberattacks is growing at an unprecedented rate, increasing as much as nearly 80% for some organizations during the final quarter of 2017. One reason for this acceleration in the attack cycle is that in order for malware to succeed today it needs to spread further and faster than even before. This allows cybercriminals to stay a step ahead of new efforts by vendors to improve their delivery of updated signatures and patches. But it's not just about volume. These attacks are also increasingly sophisticated, often spanning across malware families and using advanced techniques to simultaneously target multiple attack vectors. This enhanced focus on innovation, combined with the increased speed and volume at which new threat variants are being released into the wild, is successfully catching far too many organizations unprepared. To keep your organization ahead of the threat curve, here are five recent trends you should be aware of: Cryptojacking Cryptojacking is an important new trend among cybercriminals. The latest iteration involves injecting malicious JavaScript into vulnerable websites, or delivering it via phishing campaigns. Simply browsing an infected site can enable attackers to hijack CPU cycles to perform cryptomining on behalf of a cybercriminal. While such attacks initially hijacked all available CPU, causing machines to become virtually unusable, new, more sophisticated attacks, now monitor device CPU and rate limit the amount of processing power they leverage, often using 50% or less of available processing power at any given moment in order to evade detection. Cryptojacking can result in everything from annoying side effects such browser hang-ups and system crashes, to degraded network performance, sophisticated data theft, and increasingly, even the delivery of ransomware. IoT Botnets IoT-based botnets also continue to dominate the threat landscape. But unlike the first generation of IoT attacks, which focused on exploiting a single vulnerability, new IoT botnets such as Reaper and Hajime simultaneously target multiple vulnerabilities, making them much harder to combat. Even worse, because many IoT manufacturers don't have a PSIRT team in place, many of these attacks target known IoT vulnerabilities for which no CVE has been named, which means there is little opportunity to even report vulnerabilities when they are discovered, let alone prepare for them. To complicate things further, the Reaper exploit was built using a flexible Lua engine and scripts, which means that instead of being limited to the static, pre-programmed attacks of previous exploits, its code can be easily updated on the fly, allowing massive, in-place botnets to run new and more malicious attacks as soon as they become available. Ransomware |
| Envoyé | Oui |
| Condensat | across active ads applications asia async automation automationstopping bachelor back basics before business center cloud columns com/js/plusone combatting complex connectedness core createelement cybercrime data degree devices digital director division document driving engineering environments europe experience fortinet found from function general getelementsbytagname getting google graduated has held https://apis increasing industries industry infrastructure insertbefore insights integrated john kingdom links lived lucent maddison maddison:combatting management manager micro more networks organizations parentnode plymouth positions president previous previously product products protect requirement risk script security senior solutions sponsored spread src starts states surviving t46 t47 tags: technologies technology telecommunications text/javascript than these threats transformation transformationfighting trend true; tweet type united university var vice where worked years your |
| Tags | Cloud |
| Stories | APT 37 |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.