Subj : Ransomware threats are surging once again - here's what your busi
To   : All
From : TechnologyDaily
Date : Tue Jun 04 2024 11:45:05

Ransomware threats are surging once again - here's what your business needs 
to know

Date:
Tue, 04 Jun 2024 10:38:19 +0000

Description:
Here is how hackers access your devices, and when they usually deploy 
ransomware encryptors.

FULL STORY
======================================================================

2023 was a big year for ransomware , with the number of threats rising after 
a two-year decline, breaking a six-year record, new research has claimed. 

A report from Mandiant has revealed the rising popularity of 
ransomware-as-a-service (RaaS), also means the barrier for entry has been 
severely reduced, and as a result, the number of victims posted on data leak 
sites rose substantially. 

As per the paper, there has been a 75% increase in the number of businesses 
posted on data leak sites between 2022 and 2023, with organizations across 
110 countries affected. Bye bye, Cobalt Strike 

Many old and known ransomware families have also been getting new variants, 
signaling ongoing development and resource sharing among the cybercriminal 
community. In fact, roughly a third of all new ransomware families Mandiant 
observed and tracked in 2023 were variants of previously identified versions. 

Mandiant also says that while ransomware variants are changing, the attackers 
are also pivoting to new tools when it comes to initial access. While in 
earlier years, malicious tools were dominating, they are now slowly being 
replaced with legitimate tools being used for malicious purposes. Most 
notably, Cobalt Strike, a super popular threat emulation tool that was 
essentially hijacked by cybercriminals, is slowly being phased out. In its 
place are now multiple legitimate remote access tools. 

Hackers are also moving faster than before, cutting down on dwell time and 
deploying ransomware sooner, Mandiant says. In almost a third of incidents, 
ransomware was deployed within 48 hours of initial attacker access, which 
means threat actors are now better at mapping out IT infrastructure, networks 
and systems. 

Finally, they are still running encryptors in the after-hours: more than 
three-quarters (76%) of all ransomware deployments happened outside of work 
hours, usually in the early morning. More from TechRadar Pro A new ransomware 
is hijacking Windows BitLocker to encrypt and steal files Here's a list of 
the best firewalls today These are the best endpoint protection tools right 
now



======================================================================
Link to news story:
https://www.techradar.com/pro/security/ransomware-threats-are-surging-once-aga
in-heres-what-your-business-needs-to-know


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.