Fortinet FortiGuard Labs today unveiled the findings of its latest Global Threat Landscape Report. The research reveals an evolution of malware to exploit cryptocurrencies.
Recent reports of large data breaches are alarming for everyone. Customers worry about the implications of having their financial and personal information hijacked. The organizations that were compromised worry about both the near-term and the long-term effects on their business. And other organizations worry if they will be next. Two things are certain, though. The cost of a data breach is going to be really expensive, and it’s not going to be the last time it happens.
Unless you’ve been entirely off the grid, you have probably heard that a number of high-profile organizations have recently been targeted by ransomware. It’s part of a growing trend that has the potential to impact large numbers of people, with potentially devastating consequences.
FortiGuard Labs just released our latest Quarterly Threat Landscape report for Q4 of 2017. As usual, there are a lot of take-aways for CISOs, but a few items stood out. In particular, attacks were up per firm by 82% and swarm cyber attacks targeted the Internet of Things (IoT) with growing intensity.
Fortinet FortiGuard Labs has come across a ransomware that only accepts Monero – an open source cryptocurrency created in 2014 – for payment, signaling a shift away from the widely used and accepted standard Bitcoin in the ransomware space. Ransomware authors are aware of current trends and events, and appear to be taking advantage of all the hype surrounding the cryptocurrency craze.
Visa Payment Systems Intelligence recently announced that cybercriminals are threatening the payments ecosystem by leveraging a vulnerable Microsoft Dynamic Data Exchange protocol in phishing campaigns. This phishing attack relies on the Dynamic Data Exchange (DDE) protocol for infection instead of the usual malicious macros or an exploit kit. FortiGuard Labs has issued three IPS signatures that defend our customers against these attacks.
FortiGuard Labs has been actively monitoring FALLCHILL and validating all IOCs, whether we discovered them ourselves through one of our millions of sensors deployed around the world, or collected from the hundreds of threat sharing feeds we subscribe to. Our comprehensive threat information-sharing program includes Governments, Certs, and Strategic Partners from around the world.
A new ransomware campaign dubbed “Bad Rabbit” has hit a number of high profile targets in Russia and Eastern Europe. First detected on October 24th, 2017, Bad Rabbit was originally detected in Russia and Ukraine, along with a small number of infections reported in parts of eastern Europe, Turkey, and Germany. However, the attack now appears to be spreading to other regions, including reports from South Korea and the US.