LogoKit Group Aims for Simple Yet Effective Phishing
A phishing kit that uses embedded JavaScript targeted the users of more than 300 sites in the past week, aiming to grab credentials for SharePoint, Adobe Document Cloud, and OneDrive.
A relatively new phishing kit uses embedded JavaScript to dynamically change elements of spoofed webpages to more easily fool users.
The adoption of the phishing tool, called LogoKit, has seemingly accelerated, with 700 domains running the kit in the past month 300 of those in only the last week and targeting users of popular domains, such as Microsoft SharePoint and OneDrive, according to an analysis by cybersecurity firm RiskIQ. The attack tool is both simple and versatile, integrating with the presentation elements of a webpage and allowing it to change the look and feel of the website on the fly, the company said.
Breach Data Highlights a Pivot to Orgs Over Individuals
In 2020, breaches were down by 19%, while the impact of those compromises measured in people affected fell by nearly two-thirds.
Both the number of data breaches and the number of individuals affected by data breaches plummeted in 2020, as attackers moved away from collecting mass amounts of information and instead targeted user credentials as a way to infiltrate corporate networks to install ransomware.
That s according to a new report, out Jan. 28 from the Identity Theft Resource Center, which estimates that more than 300 million individuals were affected by data breaches in 2020, a large number but a drop of 66% over the previous year. In addition, the number of reported data breaches fell to 1,108, a decline of 19% over 2019.
Pay-or-Get-Breached Ransomware Schemes Take Off
In 2020, ransomware attackers moved quickly to adopt so-called double extortion schemes, with more than 550 incidents in the fourth quarter alone.
The pay or get breached ransomware trend also known as the double extortion scheme took off in 2020, despite the prolific Maze Team s Nov. 1 announcement that it would be discontinuing operations.
Using data collected by automated feeds, cyber-risk firm Digital Shadows documented 550 double-extortion postings on data leak sites maintained by more than a score of ransomware groups. By far, the industrial goods and services sector bore the brunt of ransomware attacks, with 29% of all 2020 attacks targeting the industry, while businesses in North America accounted for two-thirds of all attacks, Digital Shadows discovered.
Companies need to keep SOC workers ready to detect attacks early and respond to intrusions quickly, says Adi Dar, CEO of Israel-based Cyberbit. With every sports team, if you don t train as a team, there is no way they will be able to work together at game time, he says. I don t know why companies expect a team that has not trained together under pressure to work well when there is an attack.
The training regimen of cybersecurity professionals in enterprise SOCs remains a problem, especially because demand for cybersecurity professionals remains high. In April, jobs board Indeed.com saw postings for technology and cybersecurity professionals drop 30%. However, those categories did better than the overall market during the pandemic, accounting for an 11% greater share of the posted positions.
One of the great challenges we face in the United States, in particular is the relative asymmetry of the threat in cyber, she said in response to senators questions. It is relatively easy for adversaries to hold at risk what are high-value assets to the United States given how much we rely on cyber and digital work for our economy, for our security [and] for so many different issues.
In the wake of the SolarWinds supply chain attack that has led to thousands of compromises at companies and government agencies, cybersecurity officials will have to scramble to get up to speed. While the issue is not listed on the Biden administration s page of policy priorities, the incoming administration has already made several appointments that indicate its direction. In addition to the two cabinet-level posts, former National Security Agency cyber expert Rob Joyce will become deputy national security advisor for cyber and emerging technology for the National Security Council (NSC), repl