[ad_1]
In the second quarter of 2024, Positive Technologies experts recorded an increase in the activities of cybercriminals, who increasingly use social engineering methods and malware to attack organizations and individuals. One of the main trends is the use of emails claiming to be sent on behalf of colleagues, which significantly increases the probability of a successful phishing attack.
The study showed that 83% of cyberattacks during the reporting period were carried out via email. 51% of successful attacks on organizations involved social engineering techniques, which attackers used to manipulate employees to obtain confidential information. For example, in May, the cyber group Hive0117 carried out a phishing campaign, sending letters to company employees disguised as letters with colleagues. One of the emails contained a password-protected archive containing the DarkWatchman malware. The message conveyed a sense of urgency, mentioned a tax audit, and asked that the documents be forwarded to an accountant. The success rate of such attacks is high because emails claiming to be from colleagues are more credible to the recipient.
Attackers actively use malware in their attacks. According to experts, cybercriminals use malware in 64% of cases, and the number of incidents using remote access Trojans (RATs) continues to grow. In the second quarter of 2024, the share of such attacks increased by 9% compared to the first quarter, reaching 41% among organizations and 42% among individuals. RATs provide attackers with long-term access to infected systems, allowing them to spy on victims and monitor their activities.
Positive Technologies experts also noted an increase in the number of attacks using skimmers (tools for reading bank card data). The share of payment information in stolen data increased by 9% to 22%. One reason for this growth is the launch of Caesar Cipher, a new web tool for content management systems such as WordPress and Magento. Attackers use the acquired data for further attacks or sell it on the black market.
To protect against such threats, experts recommend that individuals carefully check letters, even if they come from familiar recipients, not open password-protected archives, and contact the sender through other channels to check suspicious messages. Software developers are advised to regularly update source code management tools and use specialized tools to check software packages. Organizations need to regularly inventory IT assets, implement strict access policies, and use modern security tools, such as next-generation firewalls and security event monitoring systems.
Faced with the growth of increasingly sophisticated cyberattacks and malware, experts emphasize the importance of proactively implementing modern security technologies and continuous security monitoring to prevent possible incidents.
[ad_2]
Source link
