Cybercriminals use multiple evasion techniques to catch prey

Bad guys are implementing multiple evasion techniques in efforts to avoid detection and target individuals for fast and easy financial gain.

According to Mimecast’s first Threat Intelligence Report: Black Hat Edition 2019, 67b of the nearly 160b emails processed globally between April and June this year were rejected for displaying highly malicious attack techniques.

Interestingly, the report notes that threat actors are adapting how they engage their targeted victims, initiating contact through email first and then shifting to SMS, a less secure communications channel.

On the other hand, an increasing number of more complex targeted attacks used obfuscation, layering and bundling of malware. Researchers found that threat actors using these types of attacks are familiarizing themselves with their target’s security environment and then implementing multiple evasion techniques in efforts to avoid detection.

Microsoft Excel: Most popular 

A large number of known malware campaigns were observed, including ones incorporating Emotet, Adwin, Necurs, and Gandcrab malware.

Microsoft Excel was one of the most popular file types used to distribute malicious activity, as more than 40% of threats detected were using files associated with it. File types associated with Microsoft Word were seen in nearly 15% of threats.

Attackers are using either simple, opportunistic attacks or complex, targeted attacks, depending on what is necessary to impact the target.

Josh Douglas, vice president of threat intelligence at Mimecast, said that the cyberthreat landscape will continue to evolve as threat actors continue to look for new ways to bypass security channels to breach their targets.

“We’ve observed malware-centric campaigns becoming more sophisticated, often using different types of malware in different phases of an attack – yet, at the same time very simple attacks are also increasing significantly,” he said.

Moreover, he said that threat actors are becoming more organised and business-like by implementing subscription and as-a-service business models to deliver malware in an effort to reduce their work and improve their return on investment.

Most targeted sector - professional education

Spam is heavily used by threat actors as a conduit to distribute malware, he said, adding that the professional education sector was the most targeted sector, with 256 attacks per year, followed by software and SaaS, with 109 attacks per user, and IT resellers, with 82 attacks per user.

Douglas said that the professional education sector is likely seen as a prime target due to constantly changing student populations that are not likely to have high security awareness and the potential for attackers to get access to personal data.

Since the cat-and-mouse game with attackers will continue for the foreseeable future, Mimecast researchers believe that attackers will continue to refresh older malware to help avoid detection, move towards more manipulative social engineering techniques, and leverage URLs hosted on well-known, generally trusted cloud platforms to spread malware.

Mimecast has detected an evolution of malware threats in which threat actors link to documents or landing pages on well-known cloud platforms using URLs that would otherwise appear to be legitimate. These documents or landing pages then link or redirect users to other malicious sites or documents that download malware onto a victim’s system.

In addition, threat actors will make increasing use of file encryption to further evade scanner detections.
