TechBizWebTechBizWeb

    Subscribe to Updates

    Get the latest news about Technology and Business from all around the web..

    What's Hot

    Crypto hedge fund Three Arrows falls into liquidation

    June 29, 2022

    Electric vehicle companies have a serious quality problem

    June 29, 2022

    Ben & Jerry’s sales to continue in Israel after Unilever sells licence

    June 29, 2022
    Facebook Twitter Instagram
    • About Us
    • Privacy Policy
    • Guest Post
    • Terms
    • Contact
    Facebook Twitter Instagram
    TechBizWebTechBizWeb
    Subscribe
    • Home
    • Technology

      Electric vehicle companies have a serious quality problem

      June 29, 2022

      Apple promises “white glove experiences” for its most helpful community members

      June 29, 2022

      Amazon’s Paper Girls series messes with the timeline in first trailer

      June 29, 2022

      The NuraTrue Pro are the first wireless earbuds to support aptX Lossless streaming

      June 29, 2022

      The internet is a constant recommendations machine — but it needs you to make it work

      June 29, 2022
    • Business
    • Cyber Security

      IC3 issues warning on deepfake use in remote work applications

      June 29, 2022

      Kurt John named Chief Security Officer at Expedia

      June 29, 2022

      Why insider threats pose unique risks to national security

      June 29, 2022

      Does AI materially impact cybersecurity strategies?

      June 29, 2022

      Hybrid work transition reveals low enterprise cybersecurity confidence

      June 28, 2022
    • Blockchain
    • Vulnerabilities
    • Social Engineering
    • Malware
    • Cyber Security Alerts
    TechBizWebTechBizWeb
    Home»Cyber Security»Supply Chain Attacks Nearly Doubled in 2018: Symantec
    Cyber Security

    Supply Chain Attacks Nearly Doubled in 2018: Symantec

    February 20, 2019Updated:February 20, 2019No Comments3 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr WhatsApp
    Share
    Facebook Twitter LinkedIn Pinterest Email


    The number of supply chain attacks observed last year was 78% higher compared to the previous year, a new Symantec report reveals. 

    Aiming to compromise a target by exploiting third-party services and software, supply chain attacks take many forms, including the hijacking of software updates to inject malicious code into legitimate software. Threat actors abuse stolen credentials or compromised third-party libraries to exploit software developers in their attacks. 

    2018 has seen a surge in formjacking attacks, once again proving that supply chain can be a weak point for online retailers and eCommerce sites, Symantec reveals in its latest Internet Security Threat Report (ISTR). Many of these formjacking attacks steamed from compromised third-party services used by online retailers, including chatbots and customer review widgets.

    Ransomware attacks went down 20% compared to 2017, but attacks against enterprises increased 12% and mobile ransomware surged 33%. Cryptojacking attacks dropped by 52% between January and December, likely influenced by a 90% drop in the value of Monero.

    The use of off-the-shelf tools and operating system features to conduct attacks increased as well in 2018, with PowerShell usage showing a massive surge: the number of scripts blocked at endpoint went up 1,000% compared to the previous year. 

    “While we block on average 115,000 malicious PowerShell scripts each month, this only accounts for less than 1 percent of overall PowerShell usage. Effectively identifying and blocking these attacks requires the use of advanced detection methods such as analytics and machine learning,” Symantec notes. 

    Attackers also switched focus to smaller organizations, which were more likely to be hit with spam, phishing, and email malware last year. Spam levels continued to rise in 2018, reaching 55% of all emails, email malware remained stable, but phishing dropped from 1 in 2,995 emails to 1 in 3,207 emails.

    Microsoft Office accounted for 48% of all malicious email attachments, as cyber-crime groups such as Mealybug and Necurs used not only macros in Office files, but also malicious XML files and Office files with DDE payloads. There were fewer URLs used in malicious emails (7.8%) as attackers focused on malicious attachments. 

    The use of zero-day exploits continued to decline last year, with only 23% of attack groups using zero-days. Some attack groups such as Gallmaker switched to relying solely on “living off the land” techniques, without using malicious code. 

    Large attack groups intensified their activity in 2018 and also diversified their targets. More and more groups focused on compromising operational computers to mount disruptive operations, a tactic pioneered by the Dragonfly espionage group. The method was also adopted by groups such as Thrip and Chafer last year. 

    According to Symantec, the increased interest in potentially disruptive attacks was also reflected in the number of groups known to use destructive malware, which went up by 25% in 2018.

    The number of indictments in the United States against people alleged to be involved in state-sponsored espionage also went up last year, with 49 individuals or organizations indicted. The US charged 18 alleged Russian agents with involvement in attacks relating to the 2016 presidential election, 19 Chinese individuals or organizations, 11 Iranians, and one North Korean. 

    “This sudden glare of publicity may disrupt some of the organizations named in these indictments. It will severely limit the ability of indicted individuals to travel internationally, potentially hampering their ability to mount operations against targets in other countries,” Symantec notes.

    Ionut Arghire is an international correspondent for SecurityWeek.

    Previous Columns by Ionut Arghire:
    Tags:



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

    Related Posts

    IC3 issues warning on deepfake use in remote work applications

    June 29, 2022 Cyber Security

    Kurt John named Chief Security Officer at Expedia

    June 29, 2022 Cyber Security

    Why insider threats pose unique risks to national security

    June 29, 2022 Cyber Security

    Does AI materially impact cybersecurity strategies?

    June 29, 2022 Cyber Security

    Hybrid work transition reveals low enterprise cybersecurity confidence

    June 28, 2022 Cyber Security

    Ransomware in Q1 2022 doubled total 2021 volume

    June 28, 2022 Cyber Security
    Editors Picks

    Electric vehicle companies have a serious quality problem

    June 29, 2022

    Ben & Jerry’s sales to continue in Israel after Unilever sells licence

    June 29, 2022

    IC3 issues warning on deepfake use in remote work applications

    June 29, 2022

    Apple promises “white glove experiences” for its most helpful community members

    June 29, 2022
    Trending Now

    French star Kylian Mbappé backs NFT fantasy football start-up Sorare

    By techbizweb

    Why insider threats pose unique risks to national security

    By techbizweb

    The internet is a constant recommendations machine — but it needs you to make it work

    By techbizweb

    https://www.nationalsportsacademy.com

    slot gacor hari ini

    http://www.inadesfo.org/

    http://www.eueomgbissau.org/

    http://www.congo-mai-mai.net/

    http://www.angelesdelafrontera.org/

    http://fifaworldcup2018schedule.com/

    http://tony4gtrmcr.co.uk/

    http://www.standrewsagreement.org/

    http://www.bob-russell.co.uk/

    http://davidmulholland.co.uk/

    http://railwayhotelenniskillen.com/

    http://www.fantasysportstrades.com/

    http://www.rainleaf-flooring.com

    http://mothersagainstguns.org/

    http://ma-coc.org/

    slot online

    http://www.paradoxmag.com/situs-judi-slot-online-gampang-menang-2021/

    http://www.paradoxmag.com/situs-judi-slot-online-terbaru-2021/

    http://slot-terbaru.net/

    Slot Gacor

    Slot Online

    Situs Slot Gacor

    http://www.appdexterity.com/

    https://cars4kids-deutschland.de/

    https://www.stretchingculture.com/

    https://www.b-123-hp.com/slot-gacor/

    https://denzstaffing.nl/

    https://ezbbqcooking.com/slot-gacor/

    https://www.mbahelp24.com/slot-gacor

    https://minhtanstore.com/slot-jackpot-terbesar/

    https://njbpusupplierdiversity.com/slot-gacor-gampang-menang/

    https://www.floridaspecialtycropfoundation.org/slot-gampang-menang/

    https://childrenscornerpreschool.org/slot-gacor-gampang-menang/

    https://cryptoquoter.com/slot-online-terbaik/

    https://alorkantho24.com/slot-gacor/

    https://ellas.xyz/slot-gacor/

    https://it.dougamatome.xyz/slot-online/

    https://www.daltercume.com/slot-gacor/

    https://josi-ana.dougamatome.xyz/slot88/

    https://josi-ana.dougamatome.xyz/slot-gacor/

    https://fastobserver.com/slot-jackpot-terbesar/

    https://www.planetexperts.com/slot-gacor/

    https://bfsolution.group/slot-bet-kecil/

    https://rustleva.co/slot/

    https://bfsolution.group/slot-bet-kecil/

    https://www.hotelcalimareal.com/togel-online/

    https://anime-game.dougamatome.xyz/slot-gacor-gampang-menang/

    https://anime-game.dougamatome.xyz/togel-online/

    https://bourbonbarrelfoods.com/slot/

    http://suneo39.wp.xdomain.jp/slot/

    https://techbizweb.com/slot-gacor/

    https://www.generalcatalyst.com/18-daftar-slot-gacor-terbaik-gampang-menang-jackpot-hari-ini/

    https://www.hotelcalimareal.com/slot-online/

    https://www.blockgates.io/slot-gacor/

    https://l12.com.br/slot-gacor/

    slot paling gacor

    https://www.donalds-hobby.com/slot-online/

    https://thecryptodirt.com/slot-gacor-hari-ini/

    http://iseta.edu.ar/aulavirtual/app/upload/users/1/1205/my_files/sbobet.html

    http://escuelavirtual.mincit.gov.co/app/upload/users/1/194/my_files/slot.html

    https://www.dev.medecinesfax.org/courses/JUDICASINO/document/slot.html

    http://www.e-archivos.org/cursos/courses/JUDICASINO/document/slot-gacor.html

    http://iesma.com.br/ead/main/upload/users/4/447/my_files/slot.html

    https://www.fundacoop.org/chamilo/app/upload/users/1/1185/my_files/slot.html

    https://fata-aatf.org/eskola/main/upload/users/3/31/my_files/slot.html

    https://uancv.edu.pe/ofinvestigacion/app/upload/users/3/328/my_files/slot-terlengkap.html

    https://micost.edu.my/EL/app/upload/users/2/209/my_files/slot-gacor.html

    https://www.academiacoderdojo.ro/elearningdev/app/upload/users/2/2442/my_files/slot-online.html

    http://campus-cidci.ulg.ac.be/courses/JUDICASINO/document/slot-termurah.html

    https://www.escueladerobotica.misiones.gob.ar/aula-ste/courses/LIVECASINO/document/slot-tergacor.html

    http://ccdipeepccqqfar.usac.edu.gt/chamilo/app/upload/users/3/358/my_files/slot-online.html

    https://cunori.edu.gt/campus/app/upload/users/7/7334/my_files/slot-online.html

    http://u-rus.com.ar/aula/app/upload/users/1/1322/my_files/slot.html

    http://icrodarisoveria.edu.it/chamilo/app/upload/users/1/1855/my_files/slot.html

    https://iestpliliagutierrez.edu.pe/clarolgm/courses/CASINO/document/slot.html

    http://pva.cobach.edu.mx/app/upload/users/7/7379/my_files/slot.html

    http://www.imb-pc-online.edu.gt/PL/app/upload/users/3/373/my_files/slot.html

    http://avcs.upeu.edu.pe/main/upload/users/3333/my_files/slot.html

    https://chamilo.fca.uas.edu.mx/app/upload/users/1/11186/my_files/slot-online/

    TechBizWeb
    Facebook Twitter Instagram Pinterest Vimeo YouTube
    • Home
    • Guest Post
    • About Us
    • Privacy Policy
    • Our Authors
    • Terms and Conditions
    • Contact
    © 2022 Tech Biz Web. Developed by Sawah Dev.

    Type above and press Enter to search. Press Esc to cancel.