Exploitation of Zero-Day Vulnerabilities for Remote Access Became Prime Target
The cybersecurity landscape in 2024 has been marked by a significant surge in malware and vulnerabilities.
Key trends include the expansion of Ransomware-as-a-Service (RaaS), an increase in software supply chain attacks, and the exploitation of zero-day vulnerabilities by APTs.
Cybersecurity analysts at Recorded Future unveiled the “H1 2024 Malware and Vulnerability Trends Report,” which illustrates how threat actors have adapted their strategies, particularly by exploiting zero-day vulnerabilities.
Exploitation of Zero-Day Vulnerabilities
The current cybersecurity landscape is dominated by infostealer malware, which captures sensitive data.
Magecart attacks, in which attackers inject code into e-commerce platforms to steal payment information, increased by 103%.
According to the report, ransomware groups, which encrypt data for ransom, have been using execution validation techniques such as password protection to evade analysis.
Threat actors and state-sponsored actors have been targeting widely deployed remote access software like Ivanti Secure Connect, PAN-OS, and Microsoft SmartScreen.
These evolving tactics have left organizations vulnerable to sophisticated cyber threats, highlighting the need for organizations to implement robust cybersecurity measures.
The second half of 2024 marked a major rise in cybersecurity threats. Remote management platforms and security software with zero-day vulnerabilities were found to be very popular targets among threat actors.
However, infostealers remained the prime type of malware used, with the most active, “LummaC2,” extending its lead over RedLine in harvesting credit card and login data.
Ransomware groups like Fog, RansomHub, and 3AM evolved their tactics, using password-validated payloads to restrict analysis and evade detection.
Moreover, they made use of various malware loaders such as GuLoader and Remcos to add more sophistication to their attacks.
Over the course of the year, Magecart-style attacks, which let threat actors inject malicious code into e-commerce platforms and steal personal information, almost doubled, exploiting weak points in the Adobe Commerce system and using new e-skimmers like “Sniffer by Fleras.”
This diverse array of threats, from sophisticated zero-day exploits to evolving ransomware techniques and the rise of e-commerce attacks, underscores the need for robust, multi-layered cybersecurity measures across all sectors.
The remainder of 2024 is anticipated to witness a significant rise in the exploitation of newly identified vulnerabilities in popular enterprise software.
Besides this, infostealers are expected to dominate the malware landscape.
Recommendations
The recommendations are as follows:
- Improve Patch Management
- Implement Heuristic and Behavior-Based Detection
- Educate Employees
- Strengthen E-commerce Security