As cybercrime becomes more prevalent, what are the threats to watch out for?
Pascal Geenens writes in
"In the last few months the cyber security community has witnessed the propagation of new organized hacktivist groups spurred on by the innovations used by nation-states. Pascal Geenens, director of threat intelligence at Radware, provides the low down.
In the second quarter of 2021, companies were fending off each month on average around 5000 malicious events. Compared to the second quarter of 2020, this represents a jump in blocked attacks of around 30 percent and an increase of more than 40 percent in average blocked volume. Companies based in America and Europe, Middle East and Africa had to defend against twice as much volume compared to Asia Pacific..."
The FBI and CISA (the Cybersecurity and Infrastructure Security Agency) have jointly issued an advisory to organisations, warning about an increase in the number of attacks coinciding with weekends and holidays.
Graham Cluley wrote in
"With the Labor Day weekend rapidly approaching, the agencies have reminded businesses to be especially vigilant, remain diligent about their network defences, and 'engage in preemptive threat hunting on their networks to search for signs of threat actors.'
To underline their point, the FBI and CISA have warned that they have noted a trend for ransomware and other cyber attacks to occur at times when offices are normally closed. To underline the seriousness of the issue, the agencies have detailed three major ransomware attacks in recent months that coincided with holiday weekends, causing significant disruption:..."
The public cloud eliminated traditional network boundaries, so cloud security is based on different strategies, like entitlement management.
"The security boundary of your cloud is your Identities,"
writes Eric Kedrosky in
"both people users and non-people identities, and they need to be managed accordingly. There can be tens of thousands of non-people identities in your cloud environment, and it is the use cases of these non-people identities make security even more complex.
Identity-based use cases are proliferating dramatically, which brings into question their entitlements. In the cloud, we call these entitlements an Identity's Effective Permissions, the end-to-end permission of the actions that an Identity can take and the data it can access..."
While enterprise security teams have had their hands full battling an increasing number of more sophisticated ransomware attacks, phishing attacks are on the rise with the easing of pandemic-related restrictions.
"In fact," writes Jonathan Andresen in
"just this past week Microsoft warned of a widespread credential phishing campaign that leverages open redirector links in email communications as a vector to trick users into visiting malicious websites while effectively bypassing security software.
'Attackers combine these links with social engineering baits that impersonate well-known productivity tools and services to lure users into clicking,' Microsoft 365 Defender Threat Intelligence Team said in a report published this week."
According to the 2021 Global DDoS Threat Landscape Report, Ransom DDoS (RDoS) threats are on the rise. Imperva researchers have been monitoring threats against several of our customers where extortionists have demanded payment in Bitcoin to prevent DDoS attacks.
"As security teams prepare cyber-attack mitigation strategies for 2022, data collected by Imperva strongly suggests that evaluating and improving RDoS detection and response capabilities should be a priority," notes Bruce Lynch in Security Boulevard
"In this post, we'll explain what an RDoS attack is, how it plays out, and what you need to do to prevent it.
RDoS attacks are DDoS attacks - malicious attempts to make an online service unavailable to users, usually by temporarily interrupting or suspending the services of its hosting server - with an extortion component. Today, they are remarkably easy to carry out. The technical skills required to carry out an RDoS attack are extremely low, and the tools for reconnaissance on your organization's networks are publicly available. DDoS 'stressors', a.k.a. 'DDoSers' or 'Booters' which are ostensibly intended to enable you to research and pressure test your network, actually help cybercriminals plan an attack against your network. Search engines make it simple for hackers to collect information about all of your network ranges and networking services, information that you use to keep your IT systems working and accessible, but which makes your systems easier to attack..."
Threat intelligence platforms take security beyond traditional defensive strategies.
"Threat intelligence helps IT to stay one step ahead of cybercriminals and prevent information or financial loss," notes Drew Robb in
"This makes it possible to warn organizations about potentially malicious activity inside the network. Unusual patterns or behavior are flagged so security analysts can find out what is going on.
Threat intelligence platforms, then, deal with any threats or potential threats related to computer systems and web-based applications. This represents a way to collect relevant information relating to cyber threats. Further, threat intelligence software applies analytics to that information, adding a predictive capability and risk estimation..."