Hackers are after Web Applications now (and other key takeaways from SonicWall Cyber Threat Report)

by Staff writer
25 Feb 2020 at 08:09hrs
Not too long ago, SonicWall released its Cyber Threat Report 2019. One of the key takeaways is that cybercriminals are starting to take an interest in web apps. In fact, attacks on them have increased by 52% in the last year alone. Does it sound alarming to you? Then keep on reading because the rest of the key takeaways are pretty startling too.

Big-name brand web applications are on the line
We're talking about the likes of Drupal, Oracle WebLogic, SharePoint, Dropbox, Microsoft Windows GDI, and so on. Hackers like to siphon personal and financial information from them. Now, it may have got you thinking. If the big-name brands can't always establish a sufficient line of defense, what does it mean for the ones developed by Jane and Joe Smith? A concerning state of affairs indeed.

There are new exploit kits and macros
Hackers tend to rely on Adobe Flash and Internet Explorer vulnerabilities. So if you've already uninstalled such out-of-date software, you're in the clear. For the most part, exploit kits are delivered through malvertising campaigns. On the macro side, this year, like the ones that came before, is characterized by hackers relying on infected document files as an attack vector.

The good news – cybersecurity advances are aplenty
Antivirus suites and similar software can now identify never-seen-before threats faster than ever before. It means that, to a certain degree, you can shield yourself from the unknown. Deep memory inspection technology has also leaped forward.

As for the threats, phishing was spiraling in a downward trend in 2019 as well. But it does remain an attack vector to be reckoned with. Due to the disappearance of Coinhive, the notorious mining service, cryptojacking malware went from one of the hottest trends to almost extinct.

The bad news – cybercriminals are sharpening their claws too
Instead of taking a broad approach to spreading ransomware, hackers are now laser-sniping their targets. Governments are a notable example. In 2019, there was a considerable increase in file-less malware cases. It is a method that embeds malicious files from a remote location.

To no one's surprise, IoT attacks are on the rise, and they are unlikely to cease any time soon. If you thought web apps were safe, as already mentioned above, the rising web app attack trend paints a different picture.

Most exploited vulnerabilities in 2019
Since the list is too long, let's give you a taste by listing some examples:
●    BlueKeep. It affects the outdated releases of Windows (7, XP, Server 2003, Server 2008), which is what a large number of hospitals are still relying on. Taking advantage of this vulnerability grants the attacker remote code execution privileges.
●    Drupal core. If you're not a fan of WordPress and prefer to use Drupal as your CMS of choice, you had better update to at least 8.6.10 to remedy the problem. Otherwise, you're running the risk of being the target of remote code execution.
●    Microsoft GDI. Not even Microsoft Windows is safe from remote code execution. This exploit works by taking advantage of how GDI handles memory objects.

Perimeter-less security is gaining traction
It is a massive jump for protecting networks against hacking and data interception attempts. Joining in on the battle fought by modern VPN solutions like NordVPN and similar, perimeter-less security aims to give the end-user more privacy and keep the threats out of the network.

The new perimeter-less security assumes zero trust. In other words, every device that connects to a network needs to be authenticated under this new network architecture concept. The sensitivity of the data transmitted is also a factor. It determines how much extra verification is necessary.

Phishing is still there but in decline
Researchers noted that phishing attacks faced a 42% decline. The targets tend to be employees across various industries, including agriculture, banking, airlines, travel, and government. As for the delivery vehicles, Microsoft Office documents and PDF files took the crown this time around. Of course, fraudulent web pages are still the bread and butter of this sophisticated data theft method.

Encrypted malware seems to be the new trick of the trade
What is the best way to circumvent detection and sneak a nasty pile of malicious code under the radar? It turns out that encrypting the malware is as good as it gets. The method revolves around producing a single executable. At a later point, it gets decompressed and releases the original file set, wherein the malware lies. All in all, quite an ingenious way to confuse antivirus scanners.

By knowing the current cyber threat trends, you can brace yourself to face the unknown and prepare for what's ahead.

Source - Byo24News