Experts Warn of Surge in Multipurpose Malware

February 16, 2023

Security researchers have warned that a rising number of flexible malware variants are capable of performing several malicious steps throughout the cyber kill chain.

Picus Security compiled its Red Report 2023 by analyzing over 500,000 malware samples last year, identifying their tactics, techniques and procedures (TTPs) and extracting over 5.3 million “actions.”

The vendor then mapped these actions to MITRE ATT&CK techniques.

The report found that the average malware variant now leverages 11 TTPs, or nine MITRE ATT&CK techniques. One third (32%) use more than 20 TTPs, and one in 10 leverage more than 30 TTPs, according to the report.

“Modern malware takes many forms. Some rudimentary types of malware are designed to perform basic functions. Others, like a surgeon’s scalpel, are engineered to carry out single tasks with great precision,” said Picus Security co-founder Suleyman Ozarslan.

“Now we are seeing more malware that can do everything and anything. This ‘Swiss Army knife’ malware can enable attackers to move through networks undetected at great speed, obtain credentials to access critical systems and encrypt data.”

Highlighting the focus of many threat actors today, Picus found that 40% of the most prevalent MITRE ATT&CK techniques it identified were used to support lateral movement.

These included tried-and-tested techniques such as Command and Scripting Interpreter and OS Credential Dumping, and newer ones such as Remote Services, Remote System Discovery and WMI.

The most common technique in the report’s top 10 list was Command and Scripting Interpreter, which involves the abuse of legitimate interpreters such as PowerShell, AppleScript and Unix shells to execute arbitrary commands. This highlights how attackers favor legitimate existing tools over custom-developed ones, Picus said.

Second on the list was OS Credential Dumping, which attackers use to hijack accounts and move laterally. Third came Data Encrypted for Impact, which reflects the continued threat posed by ransomware.

“The goal of ransomware operators and nation-state actors alike is to achieve an objective as quickly and efficiently as possible. The fact that more malware can perform lateral movement is a sign that adversaries of all kinds are being forced to adapt to differences in IT environments and work harder to get their payday,” said Ozarslan.

“Faced with defending against increasingly sophisticated malware, security teams must also continue to evolve their approaches. By prioritizing commonly used attack techniques, and by consistently validating the effectiveness of security controls, organizations will be much better prepared to defend critical assets.”
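The report's methodology (map each sample's sandbox "actions" to ATT&CK techniques, count distinct techniques per sample, then rank techniques by prevalence to decide what to prioritize) is easy to reproduce on your own sandbox output. The following is an added example, not code from Picus or from the report: the action labels and the sample set are constructed, while the technique IDs are the real ATT&CK identifiers for the techniques the article names.

```python
from collections import Counter
from statistics import mean

# Constructed lookup from a sandbox's behavioural "action" labels to ATT&CK
# technique IDs. The action names are invented for this example; the technique
# IDs are the real ATT&CK identifiers for the techniques the report names.
ACTION_TO_TECHNIQUE = {
    "spawn_powershell": "T1059",        # Command and Scripting Interpreter
    "spawn_unix_shell": "T1059",
    "read_lsass_memory": "T1003",       # OS Credential Dumping
    "dump_sam_hive": "T1003",
    "bulk_file_encrypt": "T1486",       # Data Encrypted for Impact
    "rdp_session_to_host": "T1021",     # Remote Services
    "enumerate_remote_hosts": "T1018",  # Remote System Discovery
    "wmi_process_create": "T1047",      # Windows Management Instrumentation
}

# Constructed sample set: sample id -> list of actions the sandbox observed.
# Repeats are expected (a sample may spawn PowerShell many times) and an
# unmapped action is included on purpose to show it is skipped, not counted.
SAMPLES = {
    "sample-a": ["spawn_powershell", "spawn_powershell", "read_lsass_memory",
                 "enumerate_remote_hosts", "rdp_session_to_host",
                 "bulk_file_encrypt"],
    "sample-b": ["spawn_unix_shell", "bulk_file_encrypt"],
    "sample-c": ["spawn_powershell", "wmi_process_create", "dump_sam_hive",
                 "enumerate_remote_hosts"],
    "sample-d": ["spawn_powershell", "unknown_action"],
}


def techniques_for(actions):
    """Map raw actions to the set of distinct ATT&CK techniques.

    Actions without a mapping are dropped here; in practice they should be
    logged for review so the lookup table grows with the sandbox's vocabulary.
    """
    return {ACTION_TO_TECHNIQUE[a] for a in actions if a in ACTION_TO_TECHNIQUE}


def per_sample_counts(samples):
    """Number of distinct techniques each sample exhibits (the per-sample
    figure the report averages to get its '11 TTPs' headline)."""
    return {sid: len(techniques_for(acts)) for sid, acts in samples.items()}


def summarize(samples, thresholds=(20, 30)):
    """Average technique count plus the share of samples above each threshold,
    mirroring the report's 'one third use more than 20' style of statistic."""
    counts = per_sample_counts(samples)
    n = len(counts)
    summary = {"average": mean(counts.values())}
    for t in thresholds:
        summary[f"share_over_{t}"] = sum(c > t for c in counts.values()) / n
    return summary


def prevalence(samples, top_n=3):
    """Share of samples exhibiting each technique, most prevalent first.

    Counting each technique once per sample (not once per action) keeps a
    noisy sample from dominating the ranking. Ties break on technique ID so
    the output is deterministic.
    """
    seen = Counter()
    for acts in samples.values():
        seen.update(techniques_for(acts))
    n = len(samples)
    ranked = sorted(seen.items(), key=lambda kv: (-kv[1], kv[0]))
    return [(tid, round(cnt / n, 2)) for tid, cnt in ranked[:top_n]]


if __name__ == "__main__":
    print("per-sample technique counts:", per_sample_counts(SAMPLES))
    print("summary:", summarize(SAMPLES))
    print("most prevalent techniques:", prevalence(SAMPLES))
```

The prevalence list is the input to the prioritization Ozarslan describes: the techniques at the top are the ones whose detections and preventive controls are worth validating first, because they appear in the largest share of samples regardless of malware family.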

Some parts of this article are sourced from:
www.infosecurity-magazine.com
