Tag: cisco talos
Advanced Persistent Threats Rise by 74% in 2024 Report – March 6th
The frequency of Advanced Persistent Threats (APTs) has surged, with Kaspersky's latest report revealing a 74% increase in such attacks compared to last year. APTs were detected in 25% of organizations, accounting for 43% of high-severity security incidents, highlighting a sharp rise in sophisticated cyber threats. Kaspersky's analysis suggests attackers are refining their tactics to bypass security measures, leveraging human-operated techniques rather than automated exploits. The report underscores the growing persistence of APT actors, emphasizing the need for proactive defense strategies across industries.
Rise in ‘brute force’ attacks on VPNs
The past four weeks have seen a sharp global increase in ‘brute force’ attacks on virtual private network (VPN) services, which supply private networks using encryption over the internet. ‘Brute force’ attacks use trial and error to crack passwords, login credentials, and encryption keys. New life has been breathed into what is an old hacking technique with widely available software using artificial intelligence (AI) that can carry out large numbers of attempts automatically. Cisco Talos Intelligence Group reports a sharp rise worldwide in this type of attack against targets, including virtual private network (VPN) services and web authentication interfaces. “Cisco Talos has been actively monitoring a global increase in brute-force attacks against a variety of targets, including Virtual Private Network (VPN) services, web application authentication interfaces, and SSH services since at least March 18, 2024. The traffic related to these attacks has increased with time and is likely to continue to rise,” predicts Cisco Talos
Malware Found to Evade Ukranian Detection for 9 Years – April 18th
Cisco Talos revealed its findings, showing that select Ukranian government agencies have been infected with the 'OfflRouter' malware since 2015. Cisco Talos researcher, Vanja Svajcer said. "The virus is still active in Ukraine and is causing potentially confidential documents to be uploaded to publicly accessible document repositories."
Healthcare sector attacks on the rise
The healthcare sector is coming under increasingly severe pressure from cyber-attacks. On the heels of news earlier last week that the infamous Lazarus Group is launching a new campaign targeting internet backbone infrastructure and healthcare facilities in the US and Europe comes news of a major attack by the Rhysida ransomware group on Los Angeles-based Prospect Medical Holdings.