Tag Archive for: index

A Shake Up in the Index but Emotet is Still on Top

/in


Check Point Software Technologies INC

Check Point Software Technologies INC

Check Point Research reports that April has seen a lot of activity from Formbook to Lokibot. This month also saw Spring4Shell make headlines, but it is not yet one of the most exploited vulnerabilities

SAN CARLOS, Calif., May 11, 2022 (GLOBE NEWSWIRE) — Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions globally, has published its latest Global Threat Index for April 2022. Researchers report that Emotet, an advanced, self-propagating and modular Trojan, is still the most prevalent malware impacting 6% of organizations worldwide. Despite this, there has been movement for all other malwares in the list. Tofsee and Nanocore are out, and have been replaced by Formbook and Lokibot, now the second and sixth most prevalent malwares respectively.

Emotet’s higher score in March (10%) was mainly due to specific Easter themed scams but this month’s decrease could also be explained by Microsoft’s decision to disable specific macros associated with Office files, affecting the way that Emotet is usually delivered. In fact, there are reports that Emotet has a new delivery method; using phishing emails that contain a OneDrive URL. Emotet has many uses after it succeeds in bypassing a machine’s protections. Due to its sophisticated techniques of propagating and assimilation, Emotet also offers other malwares to cybercriminals on dark web forums including banking trojans, ransomwares, botnets, etc. As a result, once Emotet finds a breach, the consequences can vary depending on which malware was delivered after the breach was compromised.

Elsewhere in the index, Lokibot, an infostealer, has re-entered the list in sixth place after a high impact spam campaign delivering the malware via xlsx files made to look like legitimate invoices. This, and the rise of Formbook, have had a knock on effect on the position of other malwares with the advanced remote access trojan (RAT) AgentTesla, for example, dropping into third place from second.

At the end of March, critical vulnerabilities were found in Java Spring Framework, known as…

Source…

Lokibot Returns to the Index and Emotet Regains Top Spot

/in


Check Point Research reveals that the InfoStealer, Lokibot, is back in the most prevalent malwares list while Emotet has taken first place away from Trickbot. Apache Log4j is still wreaking havoc as the number one most exploited vulnerability.

SAN CARLOS, Calif., Feb. 08, 2022 (GLOBE NEWSWIRE) — Check Point Research, the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions globally, has published its latest Global Threat Index for January 2022. Researchers report that Emotet has now pushed Trickbot out of first place after a long stay at the top, and is this month’s most prevalent malware, affecting 6% of organizations worldwide. Log4j is also still proving to be a problem, impacting 47.4% of organizations globally and the most attacked industry continues to be Education/Research.

After only two and a half months since its return, Emotet has surged into the top spot. The notorious botnet is most commonly spread via phishing emails that contain malicious attachments or links. Its increased use has only been helped by the prevalence of Trickbot that acts as a catalyst, spreading the malware even further. Meanwhile Dridex has dropped from the top ten list altogether, replaced by Lokibot, an InfoStealer which is used to obtain data such as email credentials, passwords to CryptoCoin wallets and FTP servers.

“It’s unsurprising that Emotet is back with a vengeance. It’s an evasive malware, making it difficult to detect, while the fact that it uses multiple methods to infect networks only further adds to the continuing rise of this threat. It is unlikely that this will be a short-lived problem,” said Maya Horowitz, VP Research at Check Point Software. “This month we’ve also seen Dridex disappear from our top ten list and Lokibot resurface. Lokibot takes advantage of victims at their busiest moments, being distributed through well disguised phishing emails. These threats, alongside the ongoing battle with the Log4j vulnerability, emphasise the importance of having the best security across networks, cloud, mobile and user endpoints.”

Check Point Research (CPR) revealed this month that…

Source…

Ransomware and hacking | Tacoma Daily Index

/in


By Morf Morford

Tacoma Daily Index

The problem with hacking and ransomware is that they are a constant threat, but unlike any other, more traditional threat, like fire or theft or sabotage, they are unseen and largely undetectable – and vastly more invasive threats than any of us have ever seen before.

To face traditional threats, like theft or attack, physical locks or increased security (in a direct sense, like visible armed guards) would be effective.

If you thought a disease virus that impacts human health is a threat (and as we all know in 2021, that is certainly true) a digital, information-based virus can be, and is proving to be, an even greater threat.

The great promise of the internet was connectivity. The greatest threat to the internet is also connectivity.

Open access was the point.

Communicating across time zones, national borders, and ethnicities with information accessible to all regardless of race, income, education, position or background was the original hacker’s vision.

“Information wants to be free” was the rallying cry of hackers (back in the 1970s when that was largely seen as a good thing) and, in those now-innocent days, hackers were those off-beat characters, like Steve Jobs and Steve Wozniac (Woz) as profiled by Steven Levy in his 1984 book Hackers: Heroes of the Computer Revolution.

Levy formulated and summarized the ethics and values of that first generation of hackers with these attitudes and assumptions:

Access to computers-and anything that might teach you something about the way the world works-should be unlimited and total.

All information should be free.

Hackers should be judged by their hacking, not bogus criteria such as degrees, age, race, or position.

You can create art and beauty on a computer.

Computers can change your life for the better.

Sharing

Openness

Decentralization

Free access to computers

World Improvement (foremost, upholding democracy and the fundamental laws we all live by, as a society)

But to quote a phrase, that was then and this is now.

That hacker idealism led to essential development that we all take for granted now, from open-source software (like Linux) and…

Source…

Covid-19 Posed New Cyber Threats for Businesses: Verizon Mobile Security Index

/in