Hacktivism

Radware 2024 Report: Malicious Web Application and API Transactions Rise 171% Driven by Layer 7 Web DDoS Attacks

Retrieved on: 
Giovedì, Febbraio 29, 2024
Cloud, Software, Intelligence, API, Education, DNS, Health, Transport, Generative, Government, Hacktivism, Synthetic media, Health care, Organization, Domain name, TCP, Denial-of-service attack, Research, Travel, Arms industry

On a regional basis, the increase in the number of DDoS attacks targeting customers varied:

Key Points: 
  • On a regional basis, the increase in the number of DDoS attacks targeting customers varied:
    The Americas were targeted by almost half of all global DDoS attacks.
  • The EMEA region, accounting for 39% of the DDoS attacks, mitigated 65% of the global DDoS attack volume.
  • The total malicious web application and API transactions increased by 171% in 2023 compared to 2022.
  • A significant part of this increase in activity can be attributed to layer 7 encrypted web application attacks or Web DDoS attacks.

Dragos OT Cybersecurity “Year in Review” Reports Rise in Geopolitically Driven Attacks, Ransomware, and Threat Groups

Retrieved on: 
Martedì, Febbraio 20, 2024
Software, Technology, Data Management, Security, Internet, Necessity and sufficiency, Research, Commonwealth, POC, Aviation, Stage 2, Government, Rockwell Automation, Independence, Hacktivism, OT, Organization, ICS, Telecommunications, Denial-of-service attack, Environment, Inc., Separate, Oracle Applications, Arms industry

Dragos Inc., the global leader in cybersecurity for operational technology (OT) environments, today released its sixth annual Dragos OT Cybersecurity Year in Review report, the most comprehensive report on cyber threats facing industrial organizations.

Key Points: 
  • Dragos Inc., the global leader in cybersecurity for operational technology (OT) environments, today released its sixth annual Dragos OT Cybersecurity Year in Review report, the most comprehensive report on cyber threats facing industrial organizations.
  • “OT cyber threats reached a tipping point in 2023,” said Robert M. Lee, co-founder and CEO of Dragos.
  • With these additions, Dragos analysts now track 21 Threat Groups worldwide that have been observed as being engaged in OT operations in 2023.
  • The 2023 Dragos OT Cybersecurity Year in Review is an annual overview and analysis of OT-focused global threat activities, vulnerabilities, and industry insights and trends.

DDoS Attacks on Financial Services Industry Up 154%, According to New FS-ISAC/Akamai Report

Retrieved on: 
Mercoledì, Marzo 6, 2024
Attack, Critical, Growth, Data-rate units, Smoke, Hacktivism, MPPs, AKAM, Organization, Denial-of-service attack, Research, Insurance, Hygiene, Arms industry

RESTON, Va. and CAMBRIDGE, Mass., March 6, 2024 /PRNewswire/ -- FS-ISAC, the member-driven, not-for-profit organization that advances cybersecurity and resilience in the global financial system, and Akamai Technologies, Inc. (NASDAQ: AKAM), the cloud company that powers and protects life online, today released new research on the surge of distributed denial-of-service (DDoS) attacks threatening the financial services sector and its customers.

Key Points: 
  • The report, DDoS: Here to Stay , revealed that more than one-third (35%) of all DDoS attacks in 2023 were aimed at the financial services industry, which has surpassed the gaming sector as the most-attacked vertical.
  • Driven by a dramatic surge in the power of botnets and hacktivism motivated by the Russia-Ukraine War, the financial services industry experienced a 154% increase in DDoS attacks between 2022 to 2023.
  • Hacktivists and DDoS attacks can disrupt business operations, leading to a loss of credibility, customer trust, and financial damage.
  • In APAC, financial services ranked as the third-most attacked sector, representing 11% of DDoS attacks.

Akamai Research Finds 65% Increase in Web Application and API Attacks on Financial Services

Retrieved on: 
Mercoledì, Settembre 27, 2023
APJ, Intelligence, Hacktivism, High Stakes, PCI DSS, Attack, Financial services, API, Financial Services Information Sharing and Analysis Center, Akamai Technologies, Denial-of-service attack, Research, LFI, PCI, Growth, Assault, AKAM, Cryptocurrency, Arms industry, Online shopping

CAMBRIDGE, Mass., Sept. 27, 2023 /PRNewswire/ -- Akamai Technologies, Inc. (NASDAQ: AKAM), the cloud company that powers and protects life online, today released  a new State of the Internet report that explores existing and emerging cyberattacks against the financial services industry. The new report, The High Stakes of Innovation: Attack Trends in Financial Services, includes regional data as well as a look into what is driving the increased number of attacks against the sector.

Key Points: 
  • The report notes that application and API attacks in the financial services vertical grew by 65% when comparing Q2 2022 with Q2 2023.
  • The High Stakes of Innovation: Attack Trends in Financial Services report shows that financial services has surpassed gaming as the top vertical for DDoS attacks.
  • Financial services remains the most targeted web attack vertical in the Asia, Pacific, Japan (APJ) region, which experienced nearly 50% of all web application and API attacks during the reporting period.
  • "Financial services is heavily targeted by attackers with both old and new security threats," said Steve Winterfeld, Advisory CISO at Akamai.

Surge in Cybercrime: Check Point 2023 Mid-Year Security Report Reveals 48 Ransomware Groups Have Breached Over 2,200 Victims

Retrieved on: 
Mercoledì, Agosto 23, 2023
Human Security Report Project, University, RaaS, USB, Check Point, Cyberattack, Security, Organization, Conti, SAN, Dust, Artificial intelligence, Threat intelligence, Hacktivism, Research, CPR, The Royal Family (play), Geography, Arms industry, Cryptocurrency, Hive

SAN CARLOS, Calif., Aug. 23, 2023 (GLOBE NEWSWIRE) -- Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions globally, has unveiled its 2023 Mid-Year Security Report.

Key Points: 
  • SAN CARLOS, Calif., Aug. 23, 2023 (GLOBE NEWSWIRE) -- Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions globally, has unveiled its 2023 Mid-Year Security Report.
  • The report also showcases how ransomware attacks have escalated in the first half of the year with new ransomware groups coming into the scene.
  • Key insights from the 2023 Mid-Year Security Report include:
    Ransomware groups have stepped up their game, exploiting vulnerabilities in commonly used corporate software and shifting their approach from data encryption to data theft.
  • In H1 2023, 48 ransomware groups have breached over 2,200 victims, with Lockbit3 being the most active, reporting a 20% increase in victims compared to H1 2022.

Radware Report Ranks Top 15 Most Active Political and Religious Hacktivists

Retrieved on: 
Mercoledì, Aprile 26, 2023
Panic, Hacktivism, Perseverance, Travel, Attack, Killnet, OpIsrael, OpIndia, Education, Denial-of-service attack, Intelligence, Medicine, Mystery Team, Government, Russo-Ukrainian War, Organization, Chosen-ciphertext attack, Health, Noname057(16), Retail, Arms industry, Telegraphy

The tell-all report provides an in-depth, comparative analysis of the motivations, targets, tactics and techniques, and DDoS activities of the world’s top 15 most active political and religious hacktivists groups.

Key Points: 
  • The tell-all report provides an in-depth, comparative analysis of the motivations, targets, tactics and techniques, and DDoS activities of the world’s top 15 most active political and religious hacktivists groups.
  • The findings in Hacktivism Unveiled are based on the tracking and analysis of messages from active hacktivists groups on Telegram during the period between Feb. 18 - April 18, 2023.
  • NoName057(16) is by far the most active DDoS hacktivist among the politically driven, pro-Russian hacktivists.
  • Business and government websites were attacked by most of the top hacktivist groups that were tracked in the report.

Mend.io Finds Over 80 Percent of Malicious Packages in Existing Code Bases Capable of Data Exfiltration

Retrieved on: 
Martedì, Aprile 11, 2023
Registry, Hacktivism, TEL, Software, Attention, Risk, RubyGems, MEND, Online shopping

TEL AVIV, Israel and BOSTON, April 11, 2023 /PRNewswire/ -- Mend.io, a leader in application security, released findings today from its latest report "Malicious Packages Special Report: Attacks Move Beyond Vulnerabilities" which illustrates the growing threat of malicious packages. From 2021 to 2022, the number of malicious packages published to npm and rubygems alone grew 315 percent. Unlike vulnerabilities, which can and do often exist for months or years in application code without being exploited, a malicious package represents an immediate threat to an organization, intentionally designed to do harm. In the war for cybersecurity, attackers are innovating faster than companies can keep up with the threats coming their way. A new approach is needed to stay ahead of the impacts of malicious packages within applications.

Key Points: 
  • From 2021 to 2022, the number of malicious packages published to npm and rubygems alone grew 315 percent.
  • A new approach is needed to stay ahead of the impacts of malicious packages within applications.
  • Using its latest feature enhancement, 360° Malicious Package Protection , Mend.io detected thousands of malicious packages in existing code bases.
  • Nearly 85 percent of malicious packages discovered in existing applications were capable of exfiltration – causing an unauthorized transmission of information.

Trellix Finds LockBit Ransomware Gang Most Apt to Leak Stolen Data

Retrieved on: 
Mercoledì, Febbraio 22, 2023
Software, Networks, Internet, Data Management, Technology, Online Privacy, Mobile, Wireless, Security, Hive, Transport, XDR, BEC, Intelligence, Organization, APT, Houston Advanced Research Center, Government, URL, Hacktivism, Telemetry, Threat, Cryptocurrency, Trellix

“Q4 saw malicious actors push the limits of attack vectors,” said John Fokker, Head of Threat Intelligence, Trellix Advanced Research Center.

Key Points: 
  • “Q4 saw malicious actors push the limits of attack vectors,” said John Fokker, Head of Threat Intelligence, Trellix Advanced Research Center.
  • Key findings include:
    LockBit 3.0 Most Aggressive with Ransom Demands: While no longer the most active ransomware group according to Trellix telemetry – Cuba and Hive ransomware families generated more detections in Q4 – the LockBit cybercriminal organization’s leak site reported the most victims.
  • This data makes LockBit the most aggressive in pressuring their victims to comply with ransom demands.
  • Trellix observed 69% of detected malicious activity linked to nation-state backed APT actors targeting transportation and shipping, followed by energy, oil, and gas.

New Report Finds Increase in DDoS Attacks Targeting the Financial Services Industry

Retrieved on: 
Martedì, Gennaio 31, 2023
Killnet, Akamai Technologies, Hacktivism, AKAM, Denial-of-service attack, Intelligence, AAS, Organization, Evolution, Research, Attack, Arms industry

RESTON, Va. and CAMBRIDGE, Mass., Jan. 31, 2023 /PRNewswire/ -- FS-ISAC, the member-driven, not-for-profit organization that advances cybersecurity and resilience in the global financial system, and Akamai Technologies, Inc. (NASDAQ: AKAM), the cloud company that powers and protects life online, today released new research on the threat that Distributed Denial-of-Service (DDoS) attacks pose to the financial services sector.

Key Points: 
  • The report, titled, The Evolution of DDoS: Return of the Hacktivists, notes that 2022 saw a 22 percent uptick in the volume of DDoS attacks targeting financial firms.
  • This is especially true across Europe, where the attacks increased by 73 percent, and where financial services were the target of 50 percent of all DDoS assaults.
  • The Evolution of DDoS: Return of the Hacktivist finds that much of the increase in DDoS attacks is driven by groups that have taken sides in the Russia-Ukraine war or other geopolitical conflicts.
  • Other major findings of the report include:
    Taking a cue from ransomware attacks, many DDoS campaigns now include extortion tactics.

Check Point Software Releases its 2023 Security Report Highlighting Rise in Cyberattacks and Disruptive Malware

Retrieved on: 
Mercoledì, Febbraio 8, 2023
Cloud, Education, Research, Automation, CPR, Threat intelligence, Eye, Security, Reading, Risk, Russo-Ukrainian War, Hacktivism, IP, Strengthening Education through Research Act, CISO-FM, Organization, Human Security Report Project, Check Point, Weapon, Risk management

NEW YORK, Feb. 08, 2023 (GLOBE NEWSWIRE) -- CPX 360 - Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cybersecurity solutions globally, has published its 2023 Security Report reflecting on a chaotic year in cybersecurity.

Key Points: 
  • NEW YORK, Feb. 08, 2023 (GLOBE NEWSWIRE) -- CPX 360 - Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cybersecurity solutions globally, has published its 2023 Security Report reflecting on a chaotic year in cybersecurity.
  • The report looks back on a tumultuous 2022, which saw cyberattacks reach an all-time high in response to the Russo-Ukrainian war.
  • Key findings from the 2023 Security Report include:
    Hacktivism – The boundaries between state-sponsored cyber operations and hacktivism have become increasingly blurred, as nation-states act with anonymity and impunity.
  • "The increase in the volume of cyberattacks in the next twelve months is a cause for concern," says Maya Horowitz, VP Research at Check Point Software.