Positive Technologies has published its Cybersecurity Threatscape report for Q1 2024, which shows an ongoing rise in cyber incidents.
Threat actors frequently target IT companies, government agencies, and other industries.
According to the Q1 2024 report, cyberattacks increased by 7% in the previous quarter. Consequently, confidential information leaks affected both individuals and businesses. Individual leak attacks saw an increase of 9% and now account for 72% of all incidents. Although similar incidents for organizations decreased by 11% to account for 43% of such incidents, stronger data security measures are required.

Malware and remote access tools pose a growing threat. During this quarter, malware and RATs saw significant increases, going from 10% and 27% for individuals to 32% and 37% for organizations, respectively. This demonstrates the increasing complexity of cyberattacks and the threat actors’ preference for remote control of targeted systems. Remcos, Venom RAT, and Agent Tesla are among the most well-known remote access tools.

RATs were frequently utilized in sophisticated phishing attacks. RATs have been popular among cybercriminals alongside malware that has features like system control, keystroke logging, and data encryption. It has also been discovered that malware with RAT functionality poses a significant threat to mobile device security.

Despite the increased threat posed by remote access tools, malware-based attacks against organizations have decreased by 11%, while malware-based attacks against individuals have increased by 9%, accounting for 68% of attacks.

Social engineering and large-scale attacks are persistent threats. During the first quarter of 2024, a number of large-scale attacks occurred, and vulnerabilities were used to leak personal data. It has been discovered that open software repositories and IT project collaboration are utilized by cybercriminals to deliver malware payloads.

Additionally, social engineering continues to be a significant threat, particularly to individuals. These tactics were used as attack vectors in 85% of attacks against individuals and 52% of attacks against organizations. These threats emphasize the necessity of regularly investing in training and awareness programs, vigilant monitoring, and secure practices.

Major Vulnerabilities and Zero-Days Exploited

The report discussed how vulnerabilities in popular software products were exploited. CVE-2023-46805 and CVE-2024-21887, which affected Ivanti Connect Secure, and CVE-2024-1709 and CVE-2024-1708, which affected ScreenConnect, are two well-known zero-day vulnerabilities that were exploited. These bugs were exploited, affecting systems all over the world, prompting CISA warnings.

The other vulnerabilities exploited were CVE-2023-48022, which affected the Ray Framework; CVE-2023-48788, which affected FortiClient EMS; CVE-2024-21893, which affected Ivanti Gateways; and CVE-2024-27198, which affected TeamCity. The report says that by the end of the year, there will be around 2900 vulnerabilities, which will make things hard for cybersecurity professionals.

Cybercriminals are increasingly utilizing AI tools to enhance their attack capabilities or fabricate credentials, according to the report. A threat actor, for instance, claimed to have information on 48 million Europcar customers. Later, the company said that the data could have been faked using an AI-faking Python library tool. Phishing campaigns also utilized AI-generated obituaries to lure victims.

Additionally, the use of deepfake technology in cybercrime has grown. Using this technology, for instance, threat actors based in Hong Kong were able to steal $25 million. The use of AI in cybercrime highlights the significance of superior verification strategies for preventing deepfake content and fraud.

Threats to Open Source Software

According to the report, open-source libraries and package managers pose a significant threat. On GitHub, more than 100,000 fake repositories with malicious code were discovered. In popular libraries, attackers also misappropriated package managers like NPM and PyPI.

Threat actors also used typosquatting to distribute malware, creating malicious packages with names that were similar to legitimate ones. These threats brought to light the danger posed by open-source code and the significance of careful verification.
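One way to apply that verification to a Python dependency list is to flag declared names that sit within a couple of edits of a package the project actually intends to use. This is an added example, not code from the report or from Positive Technologies; the allowlist, the sample requirements and all function names are constructed for illustration.

```python
import re

# Constructed allowlist: the names this project intends to depend on.
APPROVED = {"requests", "urllib3", "python-dateutil", "cryptography", "numpy"}

# Constructed requirements.txt content; three names are lookalikes.
SAMPLE = """requests==2.31.0
reqeusts==2.31.0
Python_DateUtil>=2.8
crytpography
numpi
flask
"""

def normalize(name):
    # PEP 503: case-insensitive; runs of "-", "_" and "." are equivalent.
    return re.sub(r"[-_.]+", "-", name).lower()

def osa_distance(a, b):
    # Edits cost 1 each: insert, delete, substitute, swap adjacent characters.
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def declared_names(requirements_text):
    # Leading package name of each line; comments and "-r"-style options skipped.
    for line in requirements_text.splitlines():
        m = re.match(r"[A-Za-z0-9][A-Za-z0-9._-]*", line.split("#", 1)[0].strip())
        if m:
            yield m.group(0)

def find_lookalikes(requirements_text, approved=APPROVED, max_distance=2):
    # (declared, approved_name, distance) for unapproved names near an approved one.
    approved_norm = sorted({normalize(n) for n in approved})
    findings = []
    for declared in declared_names(requirements_text):
        name = normalize(declared)
        if name not in approved_norm:
            findings += [(declared, good, d) for good in approved_norm
                         if (d := osa_distance(name, good)) <= max_distance]
    return findings

print(find_lookalikes(SAMPLE))
```

Names that are unapproved but not close to anything on the allowlist (here `flask`) are not reported by this check, so it complements an allowlist review and does not replace one.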

Major cyberattacks and their effects were also the focus of the report:

Lurie Children's Hospital: major service disruptions.
Varta: production was stopped at five plants, and shares fell 4.75 percent.
Tietoevry: multiple clients were impacted by the Akira ransomware.
Optum: a major platform crash caused by the BlackCat attack cost $100 million per day.
