FADEYI TOLULOPE AYOBAMI
Today at its annual Amplify Conference, HP Inc. (NYSE: HPQ) issued the latest HP Threat Insights Report, highlighting rising usage of fake CAPTCHA verification tests which allow threat actors to trick users into infecting themselves.
The campaigns show attackers are capitalizing on people’s increasing familiarity with completing multiple authentication steps online – a trend HP calls ‘click tolerance’.
With analysis of real-world cyberattacks, the HP Threat Insights Report helps organizations to keep up with the latest techniques cybercriminals are using to evade detection and breach PCs. Based on data from millions of endpoints running HP Wolf Security1, notable campaigns identified by HP threat researchers include:
Patrick Schläpfer, Principal Threat Researcher in the HP Security Lab, comments:
“A common thread across these campaigns is the use of obfuscation and anti-analysis techniques to slow down investigations. Even simple but effective defence evasion techniques can delay the detection and response of security operations teams, making it harder to contain an intrusion. By using methods like direct system calls, attackers make it tougher for security tools to catch malicious activity, giving them more time to operate undetected – and compromise victims endpoints.”
By isolating threats that have evaded detection tools on PCs – but still allowing malware to detonate safely inside secure containers – HP Wolf Security has specific insight into the latest techniques used by cybercriminals. To date, HP Wolf Security customers have clicked on more than 65 billion email attachments, web pages, and downloaded files with no reported breaches.
The report, which examines data from calendar Q4 2024, details how cybercriminals continue to diversify attack methods to bypass security tools that rely on detection, such as:
Dr. Ian Pratt, Global Head of Security for Personal Systems at HP Inc., comments:
“Multi-step authentication is now the norm, which is increasing our ‘click tolerance.’ The research shows users will take multiple steps along an infection chain, really underscoring the shortcomings of cyber awareness training. Organizations are in an arms race with attackers—one that AI will only accelerate. To combat increasingly unpredictable threats, organizations should focus on shrinking their attack surface by isolating risky actions – such as clicking on things that could harm them. That way, they don’t need to predict the next attack; they’re already protected.”
Golden Eaglets stars, Raheem Moyinoluwa Salaudeen and Fawas Ayomide Adeleke, are set to resume preparations…
The Bank of Industry (BoI), Nigeria's foremost Development Finance Institution (DFI), has signed a landmark…
United Nigeria Airlines has announced a new partnership between its loyalty programme, Unity Rewards and…
A prominent Yoruba leader and public affairs commentator, Dr. Oyedele Oyewumi, has called on President…
BY FEMI AREMU The approval of eight major federal road projects worth a combined N1.1375…
Notable Niger Delta socio-cultural group, the Orashi National Congress (ONC), has congratulated Professor Princewill R.…