Tracking manual attacks may deliver zero-day previews
by nlqip
![Malware attack virus alert , malicious software infection , cyber security awareness training to protect business information from threat attacks](https://kartwheelnewz.info/wp-content/uploads/2024/05/Tracking-manual-attacks-may-deliver-zero-day-previews.jpg)
That means that CISOs should make sure that systems are trying to differentiate between automated and manual attacks. And to then examine manual attacks very carefully, Harrigan said.
CISOs should “spend extra time” examining the manual attack attempts, he said, as doing so may give the security operations center a sneak preview of a zero-day, thereby giving them the ability to tweak defenses to try to thwart an imminent attack conducted potentially at scale by follow-on bots.
“Every time [an attacker] knocks off a piece of armor, somebody figures out how to make a better piece of armor,” Harrigan said. “It’s always a cat and mouse game.”
The Lexis-Nexis report — available here — also identified the 2023 geographies must likely to have launched attacks as “parts of Southeast Asia [that] are established homes for dedicated remote scam centers. Cybercriminals favor border areas in Cambodia, Myanmar, and remote parts of Thailand.”
Addressing fraud and scams, rather than cybercrime in general, the report noted several trends over the past few years.
“In APAC, third-party account takeover has become even more dominant than in 2022, driven by a relentless scam pandemic across the region which for now is primarily fueling subsequent unauthorized fraud attempts, in contrast with the authorized transfer scams seen in EMEA,” LexisNexis researchers wrote. “Bonus abuse worsened in both EMEA and LATAM, linked to both gaming and gambling and ecommerce. North America saw significant YOY percentage growth of true identity theft in 2023, offsetting a decline in third-party chargeback fraud as a percentage of all classifications.”
Source link
lol
That means that CISOs should make sure that systems are trying to differentiate between automated and manual attacks. And to then examine manual attacks very carefully, Harrigan said. CISOs should “spend extra time” examining the manual attack attempts, he said, as doing so may give the security operations center a sneak preview of a zero-day,…
Recent Posts
- French Authorities Launch Operation to Remove PlugX Malware from Infected Systems
- Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials
- Secure Boot no more? Leaked key, faulty practices put 900 PC/server models in jeopardy
- Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services – Krebs on Security
- Friday Squid Blogging: Sunscreen from Squid Pigments