Cybersecurity Digest #42: 24/01/2022 – 4/02/2022

24/06/2024

Cybersecurity Digest #42: 24/01/2022 – 4/02/2022

Cybersecurity news

Cybersecurity Blog Posts

Research and analytics

  • Q4 2021 DDoS attacks and BGP incidents by Qrator Labs. Analysts have recorded the largest botnet in Q4 2021 counted 160 097 devices — almost three times that compared with Q3 and more than in any other quarter of the year 2021. The most attacked industry with a significant outrunning was E-commerce, which amassed 21.75% of all attacks. The Education industry follows it with 15.5% of mitigated attacks and Payment systems with 9.75%. Banks that were in the focus of attacks in Q3 with 22.28% are now targeted by only 5% of the attacks.
  • To gain a better understanding of the different types of ransomware threats, Pulse and Hitachi ID surveyed 100 IT and security executives on how hackers are approaching employees, how ransomware is impacting an organization’s cybersecurity approach, and how prepared businesses really are to combat these attacks. As a result, 65% of respondents say they or their employees have been approached to assist in aiding ransomware attacks. Interestingly, this is a 17% increase in comparison to a similar survey run in the Fall of 2021.
  • The Black Kite Research team released annual report examined the impact of third-party breaches that occurred in 2021. Ransomware became the most common attack method of third-party attacks, initiating 27% of breaches analyzed in 2021. Software publishers were the most common source of third-party breaches for a third consecutive year, accounting for 23% of related incidents. The healthcare industry was the most common victim of attacks caused by third parties, accounting for 33% of incidents in 2021.
  • Ivanti released a Ransomware Spotlight Year End 2021 Report. It is based on data gathered from a variety of sources, including proprietary data from Avanti and Cyber Security Works, publicly available threat databases, and threat researchers and penetration testing teams. The report revealed 29% increase in the count of vulnerabilities associated with ransomware, 25% increase in ransomware families and 35% increase in low scoring vulnerabilities tied to ransomware.
  • According to the Identity Theft Resource Center report the overall number of data compromises is up 68% over 2020. Ransomware-related data breaches have doubled in each of the past two years. At the current growth rate, ransomware attacks will pass Phishing as the number one root cause of data compromises in 2022.
  • As the 2022 Cost of Insider Threats: Global Report reveals, insider threat incidents have risen 44% over the past two years, with costs per incident up more than a third to $15.38 million.
  • There are 277,000 devices, out of a pool of 3.5 million, running vulnerable implementations of UPnP. Of those, Akamai can confirm that more than 45,000 have been compromised in a widely distributed UPnP NAT injection campaign. These injections expose machines living behind the router to the Internet and appear to target the service ports used by SMB.
  • While researching the scope of vulnerabilities exploitable to damage data centers, Cyble Research Labs found multiple DCIM software, Intelligent monitoring devices, thermal cooling management control systems, and rack power monitors vulnerable to cyberattacks. Furthermore, the Labs scanners and google dorks investigation found that globally 20000+ instances and products of various vendors dealing with data centers and their operations are public-facing. Hence, it is highly likely to experience increasing cyber threats towards data centers worldwide.
  • Expel has announced Great eXpeltations 2022: Cybersecurity trends and predictions, the inaugural annual report sharing data from our security operations center (SOC) on the biggest cybersecurity threats, practical recommendations on how to handle them, and predictions for what to expect in the year ahead.
  • Check Point Research released The 2022 workforce security report. As a result of the survey 94% of organizations allow remote access to corporate apps and assets from unmanaged and managed devices, while 17% reported they allow remote access only from company-managed laptops.
  • Gemini Annual Report 2021: Magecart Thrives in the Payment Card Fraud Landscape. The underground payment card economy in 2021 saw new tactics enable new attack vectors, raising certain fraud schemes to higher prominence, such as attacks leveraging Google Tag Manager (GTM) and WebSockets, the Skimmer-as-a-Service model, and card checker innovations.

Major Cyber Incidents