DXC Security Threat Intelligence Report

Stay up to date on the latest threats, vulnerabilities and nation-state activities.

Mark Hughes, president of Security, DXC

Five ransomware trends on the rise

It’s no surprise that ransomware is becoming increasingly sophisticated. Here’s what we see.

THREAT UPDATE

FraudGPT AI chatbot now for sale

An artificial intelligence chatbot that writes malicious code, finds vulnerabilities, and more, is now available on the dark web.

By the numbers

70% – 90%
of successful compromises involve social engineering
54%
increase in phishing volumes in the first half of 2023 compared to H2 2022
$1.76 million
in average savings for organizations extensively using security AI and automation

THREAT UPDATE

Akira ransomware now targets Linux

A RaaS group is now attacking Linux vulnerabilities, most likely for credential theft and phishing campaigns.

THREAT UPDATE

Mining campaign targets Linux systems

A new campaign uses hijacked SSH credentials to install cryptominers on misconfigured Linux systems and IoT devices.

By the numbers

$4.45 million
global average cost of a data breach in 2023, up 15% in the last 3 years
64%
of businesses have experienced web-based attacks

Other news

New AI tool helps launch sophisticated attacks

A new generative AI tool called WormGPT helps malicious actors automate the creation of highly convincing, personalized fake emails for sophisticated phishing and business email compromise attacks.

OpenSSH vulnerability exposes Linux systems

Apple has addressed a vulnerability found by Microsoft researchers that lets attackers install “undeletable” malware and circumvent security checks to access a victim’s private data.

Ivanti patches zero-day MobileIron bug

Ivanti has patched an actively exploited zero-day authentication bypass vulnerability impacting its Endpoint Manager Mobile (EPMM) mobile device management software (formerly MobileIron Core).

Decoy Dog gets ready to ambush

Four actors appear to be deploying and developing a sophisticated and mysterious malware toolkit in Russia and Eastern Europe for highly targeted cyber intelligence operations related to Ukraine.

Azure AD attacks reach beyond Outlook

A Chinese nation-state actor that accessed Microsoft Outlook by forging Azure Active Directory (AD) tokens may also have forged access tokens to OneDrive, SharePoint, Teams and other AD applications. 

Lazarus hacks IIS servers to spread malware

The state-sponsored North Korean Lazarus hacking group known for hijacking Windows Internet Information Service (IIS) web servers to access corporate networks also distributes malware.

Double-extortion ransomware attacks

The Clop gang now scares companies into paying a ransom by threatening to post stolen data on publicly available websites dedicated to specific victims.

Chinese group targets Android users

Newly discovered WyrmSpy and DragonEgg spyware from the Chinese state-backed APT41 cyber-espionage group targets Android devices, indicating that mobile endpoints are high-value data targets.

Get the latest threat updates

Protect your enterprise. Subscribe to DXC's monthly report on the latest threats, breaches, cybercrimes and nation-state activities.