Cybersecurity Digest #57: 22/08/2022 – 02/09/2022

Cybersecurity news

Cybersecurity Blog Posts

  • Freedom to Tinker has published an article about why modern computers are vulnerable and how this is related to the complexity of their architecture. The author considers the idea of “cheap complexity” – the production of cheap complex general-purpose processors instead of simple devices for specific applications, which are more reliable, but many times more expensive.
  • Susan Bradley shared examples of cases in which the application of the latest best practices of information security does not meet the established requirements of the organization. And since it is mandatory in almost all large firms, the author calls for the reasonable introduction of new requirements and technologies.
  • Every stakeholder, from the CISO to even the red team, wants the blue team to succeed against simulated cyberattacks. Chris Hughes described 6 best practices for blue team success; sticking to this advice will help make that happen.

Research and analytics

  • Radware released a report revealing that the number of malicious DDoS attacks in the first six months of 2022 climbed by 203% compared to the first six months of 2021. There were 60% more malicious DDoS events during the first six months of 2022 than during the entire year of 2021.
  • According to recent research by the Institute of Computing Technology, Chinese Academy of Sciences, AAAA queries account for around 13.5% of all DNS queries in China, with two in every three AAAA queries failing.
  • Vulnerability disclosures impacting IoT devices increased by 57% in the first half (1H) of 2022 compared to the previous six months, according to research by Claroty. The report also found that over the same time period, vendor self-disclosures increased by 69%, with vendors becoming more prolific reporters than independent research outfits for the first time.
  • A new Palo Alto Networks Unit 42 report reveals a sharp increase in phishing attacks that abuse software-as-a-service platforms, like website builders and form builders. From June 2021 to June 2022, attacks have increased 1,100%. These phishing attacks sometimes impersonate legitimate sites to steal login credentials.
  • According to the Trend Micro report, the operators of the new Agenda ransomware have chosen Windows computers as their main target. Armed with Agenda, hackers attack organizations in the education and healthcare sectors. The ransom demanded varies from $50,000 to $800,000.
  • Researchers from Lookout have released an interesting report, according to which a number of organizations in Kazakhstan, Syria and Italy used enterprise-level spyware for Android to infiltrate users’ mobile devices. The spyware was named “Hermit”; the Italian vendor RCS Lab S.p.A., which specializes in surveillance, and the telecommunications company Tykelab Srl are presumably behind its creation.
  • In 2022, the average cost of a data breach reached a record high of US$4.35 million, according to the 2022 Cost of a Data Breach report by IBM and the Ponemon Institute. The top three industries affected by the costs of data breaches listed in this report are healthcare, financial, and pharmaceuticals.
  • Group-IB specialists have published a detailed report on the 0ktapus campaign. Experts reported that recent phishing attacks on Twilio and Cloudflare employees turned out to be part of this large-scale campaign, as a result of which 9931 accounts in more than 130 companies were compromised.

Major Cyber Incidents