Yesterday was Anti-Ransomware Day. And instead of offering accolades to named cyber attackers, as published by Kaspersky in their report New ransomware trends in 2023, here are the leading methods they use year-after-year to exploit public facing vulnerabilities (42.9%) and compromised accounts and malicious emails:
- PowerShell to collect data
- Mimikatz to escalate privileges
- PsExec to execute commands remotely
- or frameworks like Cobalt Strike for all attack stages
Furthermore, in a another report, Kaspersky experts highlighted three key ransomware trends ransomware groups are incorporating:
- self-spreading functionality or imitations into their malware
- exploiting vulnerabilities in antivirus drivers
- adopting capabilities from leaked or purchased code
“What we’ve been watching throughout the last one and a half years is that they are gradually turning their services into full-fledged businesses. This fact makes even amateur attackers quite dangerous,” said Dmitry Galov, Senior Security Researcher at Kaspersky’s Global Research and Analysis Team.
Roy Akerman, Co-Founder & CEO, Rezonate had this to say:
“We know that 80% of the attacks are using 20% of the same techniques and same vulnerabilities. Every year CISA produces a report indicating the top exploited vulnerabilities and every year we see a very similar list of vulnerabilities we saw the year prior where most are 2 years and older. Same for the attack techniques used, from encoded PowerShell commands, Mimikatz and Cobalt Strike, to ransomware specific techniques such as vulnerable and publicly accessible RDP protocol. Getting to the basics and establishing a strong foundation is critical to combat 80% of the attacks used today in the wild.”
Companies need to make sure that known vulnerabilities are addressed in their environment to take away all the easy routes for threat actors to pwn you. That way you solve most of your security problems right off the top. If you need guidance, this report from Kaspersky will help you to make sure you’re on the good side of being secure.
Like this:
Like Loading...
Related
This entry was posted on May 13, 2023 at 9:44 am and is filed under Commentary with tags Kaspersky. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Kaspersky Highlights The New Ransomware Trends In 2023
Yesterday was Anti-Ransomware Day. And instead of offering accolades to named cyber attackers, as published by Kaspersky in their report New ransomware trends in 2023, here are the leading methods they use year-after-year to exploit public facing vulnerabilities (42.9%) and compromised accounts and malicious emails:
Furthermore, in a another report, Kaspersky experts highlighted three key ransomware trends ransomware groups are incorporating:
“What we’ve been watching throughout the last one and a half years is that they are gradually turning their services into full-fledged businesses. This fact makes even amateur attackers quite dangerous,” said Dmitry Galov, Senior Security Researcher at Kaspersky’s Global Research and Analysis Team.
Roy Akerman, Co-Founder & CEO, Rezonate had this to say:
“We know that 80% of the attacks are using 20% of the same techniques and same vulnerabilities. Every year CISA produces a report indicating the top exploited vulnerabilities and every year we see a very similar list of vulnerabilities we saw the year prior where most are 2 years and older. Same for the attack techniques used, from encoded PowerShell commands, Mimikatz and Cobalt Strike, to ransomware specific techniques such as vulnerable and publicly accessible RDP protocol. Getting to the basics and establishing a strong foundation is critical to combat 80% of the attacks used today in the wild.”
Companies need to make sure that known vulnerabilities are addressed in their environment to take away all the easy routes for threat actors to pwn you. That way you solve most of your security problems right off the top. If you need guidance, this report from Kaspersky will help you to make sure you’re on the good side of being secure.
Share this:
Like this:
Related
This entry was posted on May 13, 2023 at 9:44 am and is filed under Commentary with tags Kaspersky. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.