Cybersecurity Digest #11: 24/08/2020 – 04/09/2020

Cybersecurity News

Cybersecurity Blog Posts

Research & Analytics

  • According to new survey 2020 Phishing Attack Landscape Report by Cybersecurity Insiders, the frequency of phishing threats has risen considerably throughout the last few months, with companies experiencing an average of 1,185 attacks every month. Additionally, 38% of respondents report that an employee fell victim to an attack within the last year. As a result, 15% of organizations are now left spending anywhere from one to four days remediating malicious attacks during what is already a precarious and strenuous time for many.
  • In 2020 an estimated 2 billion breached records have gone up for sale on various darkweb markets. What happens to those records? Where do they end up, and how does it impact consumers? Report The Fortnite Underground Cybercrime Economy report  provides an inside look at the lucrative billion dollar a year economy of hacked consumer gaming accounts, where cyber criminals are earning upwards of $40,000 per week in profits.
  • RiskIQ released its annual Evil Internet Minute report. The company analyzed the volume of malicious activity on the internet, revealing that cybercrime costs organizations $24.7 per minute, a year-over-year increase of more than $2 every minute. The research projects that it will have a per-minute global cost of $11.4 million by 2021, a 100% increase over 2015.
  • Researchers from the International Digital Accountability Council (IDAC) analyzed 496 educational apps in 22 countries and found privacy issues in many programs. Some apps provided user location data to third-party advertisers and also collected device identifiers.
  • The report Phishing Activity Trends Report: 2nd Quarter 2020 by APWG revealed that scammers requested funds in the form of gift cards in two-thirds of business email compromise (BEC) attacks. APWG member examined thousands of BEC attacks that occurred in the second half of 2020. It found that 66% of them involved gift cards. By contrast, direct bank transfers factored in just 18% of attacks, followed close behind by payroll diversions at 16%.
  • Mozilla has conducted new research conforming that browser history can be used to identify users. They found that most users follow familiar web browsing patterns, and this allows online advertisers to create their accurate profiles.
  • Group-IB published a report about Russian-speaking group UltraRank, which has attacked about 700 online stores in Europe, Asia, North and Latin America in five years. Cybercriminals has conducted campaigns using JS-sniffers, improved their infrastructure, created monetization instruments, and modified malicious code.
  • Kaspersky published a report describing cyber espionage campaigns organized by DeathStalker group which attacks financial and legal SMB enterprises around the world. Infection occurs through phishing emails containing archives with malicious files.

Major Cyber Incidents