Cybersecurity Digest #3: 27/04/2020 – 8/05/2020

Cybersecurity News

Cybersecurity Blog Posts

Research & Analytics

  • David Elmaleh and Imperva Research Labs’ data scientist Johnathan Azaria covered data highlighted in 2019 Global DDoS Threat Landscape Report, and also offered up a never-before-seen look at attacks on a per-industry basis and commentary on how to think about DDoS during the COVID-19 pandemic. Plus, they provided additional insights on why the attacks of late require a specific mitigation strategy.
  • Kaspersky published report about DDoS-attacks in 1Q 2020. Contrary to forecast in the last report, in Q1 2020 was observed a significant increase in both the quantity and quality of DDoS attacks. The number of attacks doubled against the previous reporting period, and by 80% against Q1 2019. The attacks also became longer: analysts observed a clear rise in both the average and maximum duration. The first quarter of every year sees a certain spike in DDoS activity, but analysts did not expect this kind of surge.
  • Kaspersky conducted an inquiry, discovering a long-term campaign “PhantomLance”, in which malicious apps in the Google Play Store secretly spy on and steal data from users of Android devices.  Its earliest registered domain dating back to December 2015. Besides the attribution details, this document describes the actors’ spreading strategy, their techniques for bypassing app market filters, malware version diversity and the latest sample deployed in 2020, which uses Firebase to decrypt the malicious payload.
  • Kaspersky published report «APT trends report Q1 2020». COVID-19 is clearly top of everyone’s minds at the moment and APT threat actors have also been seeking to exploit this topic in spear-phishing campaigns.  According to the report, geo-politics continues to be an important driver of APT activity and Financial gain remains a motive for some threat actors, as evidenced by the activities of Lazarus and Roaming Mantis.

Major Cyber Incidents