HP Inc has issued its quarterly HP Wolf Security Threat Insights Report, showing attackers are relying on open redirects, overdue invoice lures, and Living-off-the-Land (LotL) techniques to sneak past defences. The report provides an analysis of real-world cyberattacks, helping organizations to keep up with the latest techniques cybercriminals use to evade detection and breach PCs in the fast-changing cybercrime landscape.
Based on data from millions of endpoints running HP Wolf Security, notable campaigns identified by HP threat researchers include:
Patrick Schläpfer, Principal Threat Researcher in the HP Wolf Security threat research team, comments:
“Targeting companies with invoice lures is one of the oldest tricks in the book, but it can still be very effective and hence lucrative. Employees working in finance departments are used to receiving invoices via email, so they are more likely to open them. If successful, attackers can quickly monetize their access by selling it to cybercriminal brokers, or by deploying ransomware.”
By isolating threats that have evaded detection-based tools – but still allowing malware to detonate safely – HP Wolf Security has specific insight into the latest techniques used by cybercriminals. To date, HP Wolf Security customers have clicked on over 40 billion email attachments, web pages, and downloaded files with no reported breaches.
The report details how cybercriminals continue to diversify attack methods to bypass security policies and detection tools. Other findings include:
Dr. Ian Pratt, Global Head of Security for Personal Systems at HP Inc., comments:
“Living-off-the-Land techniques expose the fundamental flaws of relying on detection alone. Because attackers are using legitimate tools, it’s difficult to spot threats without throwing up a lot of disruptive false positives. Threat containment provides protection even when detection fails, preventing malware from exfiltrating or destroying user data or credentials, and preventing attacker persistence. This is why organizations should take a defence-in-depth approach to security, isolating and containing high-risk activities to reduce their attack surface.”
HP Wolf Security runs risky tasks in isolated, hardware-enforced disposable virtual machines running on the endpoint to protect users, without impacting their productivity. It also captures detailed traces of attempted infections. HP’s application isolation technology mitigates threats that slip past other security tools and provides unique insights into intrusion techniques and threat actor behavior.