Use of malware, botnets and exploits expands

Issue 3 2022 News

Nuspire, a managed security services provider (MSSP), has announced the release of its Q1 2022 Threat Report. The report outlines new cybercriminal activity and tactics, techniques and procedures (TTPs), and provides data and insight into malware, exploit and botnet activity.

Nuspire’s data revealed a significant number of new vulnerabilities leading to increases in threat actor activity across all three of the threat classifications it studies: malware, botnets and exploits. Of note are several older botnets that saw a resurgence in Q1, including Mirai, STRRAT and Emotet.

Mirai (https://en.wikipedia.org/wiki/Mirai_(malware)), known for co-opting IoT devices to launch DDoS attacks, showed a spike in activity in February 2022. This corresponded with the discovery of Spring4Shell, a zero-day attack on the popular Java web application framework, Spring Core. The attack allows for unauthenticated remote code execution, and data shows Mirai exploited this vulnerability to expand its botnet.

The STRRAT botnet, which engages in information stealing, keystroke logging and credential harvesting from browsers and email clients, also spiked in February. This data corresponds with recent announcements identifying a new STRRAT phishing campaign.

“With Q4 2021 being a quieter quarter for cyberattacks we predicted Q1 2022 would see a rebound and our data proves that,” said J.R. Cunningham, chief security officer at Nuspire. “As zero-day attacks and numerous other vulnerabilities among big-name companies like Google and Microsoft come to light, threat actors are quickly adjusting their tactics and these exploits tend to get industry attention, but the threat posed by older and well-understood attacks still persists. It’s critical businesses of all sizes understand the costliness of these attacks and fortify their security posture accordingly.”

Additional notable findings from Nuspire’s Q1 2022 Threat Report include:

• Incidences of malware, botnet and exploit activity increased 4.76%, 12.21% and 3.87% respectively over Q4 2021.

• Visual Basic for Applications (VBA) trojans continue to be the top malware variant, comprising nearly 30% of all malware variants. Of note, their activity spiked just prior to Microsoft’s announcement of plans to block VBA macros by default on Office products.

• Brute force attacks – when threat actors guess different combinations of potential passwords until the correct password is discovered – were by far the most popular exploit at 61%.

“Securing expanded risk surfaces today requires that organisations have 20/20 hindsight combined with an over-the-horizon view of current and potential future threats,” said Craig Robinson, program director for security services at IDC. “Understanding the tactics, techniques and procedures (TTPs) that attackers have historically utilised does not lose value over time, as many of these exploits get repeated with slight twists to make them dangerous zero-day exploits. Combining this historical knowledge with curated threat intelligence that shows the current threat landscape is vital for organisations to survive in these dangerous times.”

The report can be downloaded at www.nuspire.com/resources/q1-2022-threat-report/



