The HP Q1 Threat Insight Report Is Out

The Q1 Threat Insight Report from HP Wolf Security is live this morning, and it reveals that cybercriminals are ‘Cat-Phishing’ users with open redirects and overdue invoice lures to infect victims with malware. Notable threats analyzed in the report include:

  • In an advanced WikiLoader campaign, cybercriminals directed users to trustworthy invoice sites, before sending them to malicious ones using open redirect vulnerabilities in ad embedding. This attack is almost impossible for users to spot.
  • A low-cost AsyncRAT campaign saw threat actors hiding malware inside HTML files posing as delivery invoices which, once opened in a web browser, unleash a chain of events deploying open-source malware.
  • Attackers used Living-off-the-Land (LotL) techniques, using legitimate tools like the Windows Background Intelligent Transfer Service (BITS) to upload or download malicious files to web servers and file shares.

Other findings include:

  • At least 12% of email threats identified by HP Sure Click Enterprise bypassed one or more email gateway scanners.
  • The top threat vectors in Q1 were email attachments (53%), downloads from browsers (25%) and other infection vectors, such as removable storage – like USB thumb drives – and file shares (21%).
  • This quarter, at least 65% of Excel document threats relied on an exploit to execute code, rather than macros.

You can read the full report here.
