Carding Forum
Professional
- Messages
- 2,788
- Reaction score
- 1,170
- Points
- 113
Supply chain attacks are becoming increasingly disruptive…
SonicWall has published a semi-annual report on cyber threats for 2024. In the first half of the year, attacks on the supply chain increased significantly, the number of malicious software for Internet of Things (IoT) devices increased, and the use of PowerShell by attackers increased. The report is based on data collected during this period and provides a better understanding of current threats and trends in the industry.
One of the key changes was the introduction of a new threat measurement system — TICKS. Instead of counting each firewall attack as previously done (HITS), the number of hours that the firewall is exposed to malware is now measured. This allows you to get a more accurate picture and simplifies data analysis.
Attacks on business email (BEC) have increased significantly. According to SonicWall, for every ransomware attack, there are ten BEC incidents, and 70% of such attacks involve various methods of social engineering.
In the first half of 2024, the number of attacks on IoT devices increased by 107%. On average, they were under attack for 52.8 hours. The main reason for this vulnerability is the low level of security of IoT devices, which makes them easy targets for cybercriminals.
83% of alerts received from SonicWall managed services are related to cloud applications and compromised credentials. This confirms the continued growth of cloud services as targets for attacks in 2024 and beyond.
Supply chain attacks are becoming more frequent and complex. This year, serious security flaws were identified, such as the JetBrains TeamCity authentication vulnerability, which allows attackers to gain full control over systems. For example, 16% of SonicWall customers were exposed to attacks using this vulnerability, most of which occurred in March.
PowerShell, a powerful automation and integration tool for Windows operating systems, is also used by cybercriminals. More than 90% of large malware families, such as AgentTesla and LokiBot, actively use PowerShell for their own purposes. Despite efforts to prevent such attacks, attackers are finding new ways to bypass security mechanisms.
An important factor in the growth in the number of such attacks was the vulnerability CVE-2023-1389, related to the injection of commands into TP-Link devices, which affected 21% of small and medium-sized enterprises. The SonicWall report highlights the importance of strengthening cybersecurity measures to protect against growing threats. Experts recommend paying special attention to the security of IoT devices and improving the protection of supply chains.
Source
SonicWall has published a semi-annual report on cyber threats for 2024. In the first half of the year, attacks on the supply chain increased significantly, the number of malicious software for Internet of Things (IoT) devices increased, and the use of PowerShell by attackers increased. The report is based on data collected during this period and provides a better understanding of current threats and trends in the industry.
One of the key changes was the introduction of a new threat measurement system — TICKS. Instead of counting each firewall attack as previously done (HITS), the number of hours that the firewall is exposed to malware is now measured. This allows you to get a more accurate picture and simplifies data analysis.
Attacks on business email (BEC) have increased significantly. According to SonicWall, for every ransomware attack, there are ten BEC incidents, and 70% of such attacks involve various methods of social engineering.
In the first half of 2024, the number of attacks on IoT devices increased by 107%. On average, they were under attack for 52.8 hours. The main reason for this vulnerability is the low level of security of IoT devices, which makes them easy targets for cybercriminals.
83% of alerts received from SonicWall managed services are related to cloud applications and compromised credentials. This confirms the continued growth of cloud services as targets for attacks in 2024 and beyond.
Supply chain attacks are becoming more frequent and complex. This year, serious security flaws were identified, such as the JetBrains TeamCity authentication vulnerability, which allows attackers to gain full control over systems. For example, 16% of SonicWall customers were exposed to attacks using this vulnerability, most of which occurred in March.
PowerShell, a powerful automation and integration tool for Windows operating systems, is also used by cybercriminals. More than 90% of large malware families, such as AgentTesla and LokiBot, actively use PowerShell for their own purposes. Despite efforts to prevent such attacks, attackers are finding new ways to bypass security mechanisms.
An important factor in the growth in the number of such attacks was the vulnerability CVE-2023-1389, related to the injection of commands into TP-Link devices, which affected 21% of small and medium-sized enterprises. The SonicWall report highlights the importance of strengthening cybersecurity measures to protect against growing threats. Experts recommend paying special attention to the security of IoT devices and improving the protection of supply chains.
Source
