Low-tech tactics still top the IT security risk chart
by nlqip
![USB attacks](https://kartwheelnewz.info/wp-content/uploads/2024/05/Low-tech-tactics-still-top-the-IT-security-risk-chart.jpg)
Hyatt’s team recently identified a rogue USB drive used to install the Raspberry Robin malware, which acts as a launchpad for subsequent attacks and gives bad actors the ability to fulfil the three key elements of a successful attack — establish a presence, maintain access and enable lateral movement. “Because it has a loader capability, it can be set to download a Cobalt Strike beacon to establish that persistence that enables attackers to get initial access and start building that into an environment,” Hyatt tells CSO.
In other domains, he sees threats with malvertising, or malicious ads, that can be widely deployed. A browser not using an ad blocker leaves users vulnerable to clicking on what look like ads or sponsored banners but are actually malicious and can deliver malware to their devices.
The challenge with these kinds of attacks is trying to identify the malicious activity in the exploitation phase when it’s happening. “Post-exploit, there are far more opportunities to identify malicious activity,” he says.
Hyatt sees a risk of organizations placing too much focus on new and innovative attacks and overlooking less sophisticated methods. “By focusing on security hygiene rather than chasing the latest fad, they can be better positioned to prevent low-tech attacks that are often more effective.”
QR codes ripe for exploiting
QR code-based attacks are one area that needs more attention because they seek to exploit the human element that isn’t necessarily trained to be wary of them, according to Deral Heiland, principal security researcher IoT at Rapid7.
QR codes re-emerged with Covid-19 and are now commonly used in many settings, such as freight, accessing Wi-Fi details, authenticating online accounts and transferring payment information, and they are ripe for exploitation.