• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Ransomware Groups to Increase Zero-Day Exploit-Based Access Methods in the Future

You are here: Home / General Cyber Security News / Ransomware Groups to Increase Zero-Day Exploit-Based Access Methods in the Future
December 19, 2022

Ransomware groups are anticipated to tweak their tactics, strategies and methods (TTPs) and change their company styles as organizations reinforce their cybersecurity steps, regulation enforcement will get better at tracking down danger actors and governments tighten laws on cryptocurrencies, in accordance to Trend Micro’s most current study paper.

In the report, released on 15 December and titled The Around and Significantly Long run of Ransomware Organization Types, Trend Micro highlighted 10 probable evolutions of ransomware groups’ TTPs.

All those include things like improved use of zero-working day vulnerabilities to get initial accessibility to the targets’ networks.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


“Current ransomware groups discover solutions for accessibility this sort of as having different teams to pen examination entry vectors to likely victims’ networks, order reputable qualifications from sellers in the underground, or use known exploits for vulnerabilities in any of the software program currently being utilised by the focus on. One particular achievable track is for these ransomware teams to allocate methods in producing their personal vulnerability investigate and exploitation groups,” the report reads.

“Moreover, contemplating the availability of these skills are scarce, yet another probable revenue source is when these groups also give “first to refuse” agreements with recognized exploit builders: intrigued functions will shell out to have a first glance at the exploit and get the appropriate to get them first prior to the ‘product’ is supplied to the developer’s other clientele.”

An additional doable evolution in ransomware attacks involves an raising emphasis on concentrating on cloud infrastructure.

“We see these groups probably diverting in two phases: very first, criminals will adapt their present-day business enterprise designs to do the job in cloud environments, dealing with instances as normal information to be encrypted. 2nd, they will attain maturity in comprehension their targets and cloud environments and develop extra cloud-particular ransomware households designed exclusively with special cloud solutions in brain, developing new kinds of ransomware attacks.”

Aside from these tweaks, which Trend Micro named ‘evolutions’, the organization also analyzed further variations – or ‘revolutions’ – in how ransomware teams monetize their craft, with more risk actors either performing for governments or crossing paths with classic organized criminal offense teams, from time to time at the identical time, or shifting towards “other criminal business styles that monetize preliminary access, these as quick and distort (stocks fraud), organization email compromise (BEC), and cryptocurrency theft.


Some components of this posting are sourced from:
www.infosecurity-magazine.com

Previous Post: «Cyber Security News Meta Takes Down Over 200 Covert Influence Operations Since 2017
Next Post: Researchers Discover Malicious PyPI Package Posing as SentinelOne SDK to Steal Data researchers discover malicious pypi package posing as sentinelone sdk to»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)
  • PerfektBlue Bluetooth Vulnerabilities Expose Millions of Vehicles to Remote Code Execution
  • Securing Data in the AI Era
  • Critical Wing FTP Server Vulnerability (CVE-2025-47812) Actively Being Exploited in the Wild
  • Iranian-Backed Pay2Key Ransomware Resurfaces with 80% Profit Share for Cybercriminals
  • CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises
  • Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads
  • Fake Gaming and AI Firms Push Malware on Cryptocurrency Users via Telegram and Discord
  • Four Arrested in £440M Cyber Attack on Marks & Spencer, Co-op, and Harrods
  • What Security Leaders Need to Know About AI Governance for SaaS

Copyright © TheCyberSecurity.News, All Rights Reserved.