Domain Shadowing – Wild West Of Internet Cyber Attacks

World Wide Web Labeled Wild Wild West of Internet Cyber Attacks

A new “threat report” labels the World Wide Web (www) the Wild Wild West of cyber warfare stating that the Internet is still “an untamed frontier.”

The report comes from Bromium Labs, whose security analysts study key trends in the cyber attack landscape and specialize in innovative technologies aimed at defending against and countering advanced attacks on computer networks. It warns that hackers prey on popular websites and widely used software. Titled Endpoint Exploitation Trends and released this morning, the report identifies key trends for the first half of 2015. Ultimately, it states, while established patterns of attack and defense can still be identified, attackers are increasingly innovative.

Rahul Kashyap, SVP Security & Solutions Engineering, Bromium

“It’s been a whirlwind 6 months in terms of threats. One of the big trends we’re witnessing is a huge growth of malvertisements targeting news and entertainment websites, places where people tend to feel safe if anything. CBSNews.com, StarTribune.com and Weather.com were just a few of the sites where we saw higher quantities of malvertisements, so we recommend consumers be extra vigilant when visiting those sites.

We’re also seeing the continued dark underbelly of bitcoin: it didn’t end with Silk Road. Cybercriminals are using bitcoin as a means to create and proliferate malware without being traced.

Finally, crypto ransomware is on the rise—the appearance of new families has nearly doubled in H1 2015 over the entirety of 2014. Crypto ransomware has become an increasingly lucrative business for attackers the past few years. Reactive technologies such as anti-virus are too late to protect against such infections and are inadequate in most cases. Other newer approaches, such as robust application containers that isolate threats from end users, can provide a defensible layer to prevent both malvertisement and ransomware infections.”

Cyber Criminals Target Popular News and Entertainment Websites

Alarmingly, Bromium Labs researchers found that the most dangerous (for users) websites are those we assume to be the safest, specifically sites that focus on entertainment and news. In fact, more than 50 percent of malvertisements on the web were found by researchers to be hosted (unknowingly) by popular news and entertainment sites.

They also found that Adobe Flash has become an overwhelming target that attackers use to launch digital “drive-by attacks.” One popular attack prompts Mozilla to disable the app in the Firefox browser. But Flash (together with Internet Explorer) is also targeted by a notorious malicious toolkit known as Angler Exploit, posing an especially serious security threat.

The Angler Exploit Kit (EK) is currently regarded as highly sophisticated and dangerous. Cisco has identified a relatively new technique in which cyber attackers hijack domain registration accounts and create subdomains. Known as domain shadowing, it uses a malicious ad to take victims to a web page controlled by the attacker and then redirects them to those subdomains. Blacklisting doesn’t work, and blocking is very difficult. According to the new threat report, all the WWW attacks the researchers have picked up in the past six months are operated by EKs, Angler being the most prevalent.
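Because shadowed subdomains sit under a legitimate registered domain, a defender can look at resolution history instead of a blocklist. The sketch below is an added example, not code from the report or from Cisco: it assumes a passive-DNS log of `date name ip` lines (constructed sample data) and a heuristic of our own choosing, flagging an established domain when several never-before-seen subdomains resolve to addresses outside that domain's baseline.

```python
from collections import defaultdict

# Constructed passive-DNS observations: day, queried name, resolved IP.
# Names use the reserved .example TLD and documentation IP ranges.
SAMPLE_LOG = """\
2015-06-01 www.shop.example 192.0.2.10
2015-06-02 mail.shop.example 192.0.2.11
2015-06-03 www.news.example 198.51.100.5
2015-07-10 www.shop.example 192.0.2.10
2015-07-10 qx7a.shop.example 203.0.113.40
2015-07-10 l2kd.shop.example 203.0.113.40
2015-07-10 zz91.shop.example 203.0.113.41
2015-07-11 beta.news.example 198.51.100.5
"""

def registered_domain(fqdn):
    # Assumption: the last two labels form the registered domain. Production
    # code should consult the Public Suffix List (e.g. names under co.uk).
    return ".".join(fqdn.lower().rstrip(".").split(".")[-2:])

def parse(log):
    for line in log.splitlines():
        if line.strip():
            day, name, ip = line.split()
            yield day, name.lower().rstrip("."), ip

def find_shadowing(log, baseline_end, min_new_hosts=3):
    """Flag established domains whose new subdomains leave the baseline IP set."""
    known_hosts, known_ips = defaultdict(set), defaultdict(set)
    suspects = defaultdict(set)
    for day, name, ip in sorted(parse(log)):  # baseline rows sort first
        dom = registered_domain(name)
        if day <= baseline_end:  # ISO dates compare correctly as strings
            known_hosts[dom].add(name)
            known_ips[dom].add(ip)
        elif (dom in known_ips and name not in known_hosts[dom]
              and ip not in known_ips[dom]):
            suspects[dom].add((name, ip))
    return {dom: sorted(hits) for dom, hits in suspects.items()
            if len({n for n, _ in hits}) >= min_new_hosts}

if __name__ == "__main__":
    for dom, hits in find_shadowing(SAMPLE_LOG, "2015-06-30").items():
        print(dom, "->", hits)
```

The new `beta.news.example` host is not flagged because it resolves to an address already seen for that domain; the threshold and baseline window are tuning choices, not values from the report.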

Current Cyber Attack Trends

According to the new threat report, the trends span everything from new ways to monetize malware to new, effective delivery vectors such as malvertising. As Bitcoin gains traction, it is becoming a particularly easy way for cybercriminals to make money, as is crypto-ransomware, which demands ransoms from computer users (often via Bitcoin) and is an increasing threat to both organizations and individuals.

They identified zero-day exploits and kernel-mode vulnerabilities as the possible “next major window of opportunity” for cyber attackers.

Malvertisements have become very popular with attackers, particularly on news (31.7 percent) and entertainment (25.4 percent) sites. They found that of the other websites targeted by malvertising, 12.7 percent were search sites, 7.9 percent were learning sites, and forums, shopping sites, video, and “other” sites each attracted 4.8 percent of this malicious advertising. Only 3.2 percent of social sites were found to be infected by this malware. One of the high-profile websites the report names is goodreads.com.

Detection evasion trends show that attackers are continually upgrading their skills, and are able to bypass:

  • Antivirus and Host Intrusion Prevention Systems (HIPS)
  • Honeypots and analysis environments
  • Network filters and Network Intrusion Detection Systems (NIDS)

Key malware trends identified in the report show that:

  • Crypto-Ransomware has increased radically since 2013 when there were only two known ransomware families; now there are nine.
  • Macro attacks are back. Since there are very few “reliable” MS Office vulnerabilities, attackers now resort to the old trick of embedding macro-based malware in MS Office documents. This usually focuses on banking, and is bundled with the Dridex Trojan.
  • Windows kernel exploits are gaining attention and becoming more popular when it comes to launching targeted attacks.

In conclusion, the researchers state that while well-worn patterns of both attack and defense can be seen quite clearly, there is still also a lot of “the same old game.”

By Penny Swift

Penny Swift Contributor
Penny has been a professional writer since 1984 – Penny has written more than 30 general trade books and eight college books. She has also written countless newspaper and magazine articles for: Skills on Site, Popular Mechanics (SA) and SA Conference, Exhibitions and Events Guide. Penny has a BA in Social Sciences and currently resides in Cape Town, South Africa.