Beware of long-hidden backdoors and many patches released

The debate over whether ransomware attacks are declining continues; beware of long-hidden backdoors; and a large batch of patches has been released.

Another entry has been published in the debate about whether ransomware attacks are rising or declining. Last week, Emsisoft researchers said that so many attacks go unreported that it is difficult for the United States to know the truth. This week, Delinea researchers released a report, based on a paid survey, that suggests a significant drop in ransomware over the past year compared to 2021, with fewer respondents saying their organization had been attacked than in the 2021 survey. Respondents also said their ransomware mitigation budgets declined over the past year, likely because IT leaders are folding ransomware defences into their defences against all types of cyberattacks. Even more worrying, the share of companies with incident response plans dropped from 94% in the previous survey to 71% last year. A link to the full report can be found in the text version of this podcast.

Attackers have been known to install backdoors in a victim's IT infrastructure to facilitate later attacks. So after any successful compromise of security controls, defenders must search the entire IT environment to ensure no backdoors remain. The latest example comes from a report by UK-based researchers at S-RM Intelligence, who investigated an attack by the Lorenz ransomware gang. The gang exploited a vulnerability in the victim's Mitel VoIP phone system. But the ransomware deployment was made possible by a backdoor that had been installed five months before the ransomware was launched. One theory is that an initial access broker compromised the victim's IT infrastructure, installed the backdoor, and then passed the access to the Lorenz gang. Whatever the explanation, this is another example of why continuous backdoor hunting and prompt vulnerability patching are essential.

Not much is said about the ransom demands that accompany denial-of-service attacks, but they are something IT security leaders need to think about. According to Cloudflare, whose service mitigates denial-of-service attacks, 16% of its customers in the fourth quarter of last year said the DDoS attacks they suffered were accompanied by a threat or ransom demand. That was fewer than the 22% who reported a DDoS attack with a ransom threat in the fourth quarter of 2021. Within 2022, though, the trend was upward: 10% of customers hit by a DDoS attack in the first quarter said it came with a threat, rising to 12% in the second quarter, 14% in the third and, as noted, 16% in the fourth.

IT administrators should be aware that compromised internet-connected devices, including computers, routers, firewalls, surveillance cameras and their associated digital recorders, are used to build the botnets that launch distributed denial-of-service attacks. Keeping your own network free of compromised devices reduces the chance that they will be used in a DDoS attack against someone else.

Yesterday was Microsoft's monthly Patch Tuesday, with fixes for a number of vulnerabilities in Windows. According to Action1 researchers, 98 vulnerabilities were fixed, 11 of them rated critical. One closes a zero-day vulnerability affecting all Windows versions back to Windows 8.1 and Windows Server 2012 R2 that could let an attacker gain system privileges. Another fixes a hole in Windows Credential Manager. Also yesterday, SAP released 12 security patches; Onapsis researchers note that three of them address vulnerabilities with a severity score of 9 or higher. Adobe released critical fixes for Acrobat and Acrobat Reader. And Zoom released patches for two high-severity vulnerabilities in Zoom Rooms.