Reports / Surveys
Ransomware up 77%, WannaCry still dominant
Ransomware detections surged by 77% in the first half of 2019 compared to the second half of last year, a new Trend Micro report indicates. And while strains like Ryuk, LockerGoga and RobbinHood made waves with disruptive attacks on government entities and large companies, WannaCry remained the most common ransomware variant, accounting for ten times as many detections as all other variants combined. The worm that wreaked havoc across the globe in 2017 is used almost exclusively (94.9% of cases) to target unpatched Windows 7 machines.
53% of social media logins are attacks
Account takeover attacks targeting social media have become so popular that over half (53.3%) of social media login traffic is now fraudulent, a recent Arkose Labs analysis of over 1.2 billion user sessions shows. In general, cyberattacks constitute 11% of all sessions. Most attacks are automated, but human driven attacks account for the majority of malicious sessions targeting retail and just under half of attacks targeting the technology industry.
Microsoft remains most spoofed brand, Facebook phishing surges
In Q2 of this year Microsoft was the most impersonated brand in phishing attacks according to a Vade Secure report. The tech giant also topped the list in all 4 previous reports. PayPal came in second, just like in Q1, while Facebook entered the top three thanks to a 175.8% rise in phishing campaigns spoofing the social media behemoth. The rest of the top 10 consisted of Netflix, Bank of America, Apple, CIBC, Amazon, DHL and DocuSign.
Small firms at risk due to lack of IT security expertise and limited budgets
While 80% of small to midsize businesses (SMBs) realize that cybersecurity is a key priority for them, 29% keep their IT security budget below $1,000 per year, a recent Untangle survey shows. An additional 19% has an annual budget under $5,000 and a staggering 26% of small firms couldn’t provide the amount they spend on IT security per year. Moreover, the majority (52%) of SMBs still haven’t created a specific cybersecurity position and instead let various employees share security responsibilities. This combination of budget constraints and a lack of security expertise not only renders SMBs vulnerable to attacks, but also makes them popular targets for cybercrime.
One in four employees would steal company data to land a new job
The insider threat to companies can take on many forms. A new Gurucul report reveals that one of those, namely data theft for personal gain, might be more common than you would expect, since almost a quarter (24%) of workers said they would use data belonging to their current employer to increase their chances of landing a better job at a competitor. Respondents indicated that they would obtain data by emailing it to personal accounts; transferring it to a flash drive or by other means.
NASA astronaut accused of hacking bank account from space
Decorated NASA astronaut Anne McClain may have committed the first crime in space. According to her estranged wife, former Air Force intelligence officer Summer Worden, McClain hacked into her bank account while aboard the International Space Station earlier this year.
What You Can Do
Organizations should ensure that their third-party vendors are maximizing their efforts on penetration tests. With the increase of ransomware and phishing attacks occurring on a daily basis, it's important that your penetration test helps your organization with these security implementations. Since penetration tests can also identify areas and escalation points that ransomware could take advantage of whereas vulnerability scanning usually cannot, organizations should also ensure they understand the differences between a penetration test and a vulnerability assessment. In many cases, organizations are receiving a vulnerability assessment with the assumption of having a penetration test performed.
Furthermore, if your organization isn't performing phishing attacks on a regular basis, it may be worthwhile doing so as most of the attacks that occur originate from phishing emails. Although organizations can't expect to reduce their users' participation to 0%, increasing user awareness can help reduce the overall possibility of a successful phishing campaign.
Freaky Infosec Fact of the Week
Fitness app data has revealed the locations of secret US army bases
In 2017, fitness tracking app Strava accidentally exposed secret US army facilities when it published a global heat map showing the exercise routes of its users, including those of foreign army personnel stationed in countries where the app wasn’t used by locals.
About Vonahi Security
Vonahi Security is a cybersecurity consulting firm that offers modern consulting services to help organizations achieve both compliance and security best practices. With over 30 years of combined industry experience in both offensive and defensive security operations, our team of certified consultants have experience working with a significant number of organizations, industries, networks, and technologies. Our service expertise includes Managed Security, Adversary Simulations, Strategy & Review, and User Education & Awareness. Vonahi Security is headquartered in Atlanta, GA. To learn more, visit www.vonahi.io