Threat Intelligence Blog

Contact us to discuss any insights from our Blog, and how we can support you in a tailored threat intelligence report.

Antony Cleal Antony Cleal

Week in review 17 November 2019: phishing targeting webmail, insider threats, how ransomware strikes, cyber skills shortages

Week in review 17 November 2019: phishing targeting webmail, insider threats, how ransomware strikes, cyber skills shortages

Round up of the most significant open source stories of the last week

Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.


Phishing Increasingly Targets SaaS, Webmail

How can companies protect their sensitive data and prevent employees from falling prey to phishing attacks?

In today’s digital age, virtually every organisation must wage a cybersecurity battle to protect its data. Winning this battle requires engaging security experts, securing assets, strengthening authentication and educating users.

According to the Anti-Phishing Working Group’s (APWG) Phishing Activity Trends Report, 1st Quarter 2019, phishing of software-as-a-service (SaaS) and webmail services has surpassed phishing of payment services for the first time. SaaS and webmail are now the most-targeted sectors, suffering 36% of phishing attacks (compared to 27% for payment services). The report emphasizes that usernames and passwords are not enough to protect against phishing and underscores the need for strong authentication.

Phishing, one of the most prevalent types of cybersecurity attacks, attempts to steal user credentials and corporate data via users’ email inboxes. Hackers posing as legitimate businesses send e-mails with links that lead unsuspecting users to bogus websites. The hackers’ goal is to deceive recipients into revealing usernames and passwords, which allow them to gain access to private company data.

Read the full article here: https://securityboulevard.com/2019/11/phishing-increasingly-targets-saas-webmail/


Insider Threats, a Cybercriminal Favourite, Not Easy to Mitigate

Rogue employees — not just external threat groups — pose a formidable threat to incident response teams.

Insider threats are an ongoing top danger for companies — but when it comes to mitigation efforts, incident-response teams face an array of challenges.

Discussions with various incident-response teams revealed that between 25 to 30 percent of data breaches involved an external actor working with an internal person in an organisation, according to a senior security architect with OpenText.

We used to focus on external threat actors, but now, when compromising the network, many have someone on the inside, whether it’s because they bribed them or blackmailed them

Read the full article here: https://threatpost.com/insider-threats-cybercriminal-favorite/150128/


 How ransomware attacks

More than a decade after it first emerged, is the world any closer to stopping ransomware?

Judging from the growing toll of large organisations caught out by what has become the weapon of choice for so many criminals, it’s tempting to conclude not.

The problem for defenders, as documented in SophosLabs’ new report How Ransomware Attacks, is that although almost all ransomware uses the same trick – encrypting files or entire disks and extorting a ransom for their safe return  – how it evades defences to reach data keeps evolving.

This means that a static analysis technique that stopped a strain of ransomware today may not stop an evolved counterpart in just a few weeks time. This creates a major challenge for organisations and security companies alike.

As the growing number of high-profile ransomware attacks reminds us, sugar coating the issue would be deluded – ransomware has grown as an industry because it works for the people who use it, which means it beats the defences of victims often enough to deliver a significant revenue stream.

For the full article click here: https://nakedsecurity.sophos.com/2019/11/15/how-ransomware-attacks/

To go straight to the Sophos report click here: https://www.sophos.com/en-us/medialibrary/PDFs/technical-papers/sophoslabs-ransomware-behavior-report.pdf


 Cybersecurity Skills Shortage Tops Four Million

Global IT security skills shortages have now surpassed four million, according to (ISC)2.

The certifications organization compiled its latest Cybersecurity Workforce Study from interviews with over 3200 security professionals around the world.

The number of unfilled positions now stands at 4.07 million professionals, up from 2.93 million this time last year. This includes 561,000 in North America and a staggering 2.6 million shortfall in APAC.

The shortage of skilled workers in the industry in Europe has soared by more than 100% over the same period, from 142,000 to 291,000.

The report estimated the current global workforce at 2.93 million, including 289,000 in the UK and 805,000 in the US.

Nearly two-thirds (65%) of responding organizations reported a shortage of cybersecurity staff, with a lack of skilled or experienced security personnel their number one workplace concern (36%).

Read the full article here: https://www.infosecurity-magazine.com/news/cybersecurity-skills-shortage-tops/

Read More