Thursday, January 21, 17:38
Home security Microsoft: What are its new findings on cyber threats?

Microsoft: What are its new findings on cyber threats?

Η Microsoft published a new 88-page report (Microsoft Digital Defense Report), which describes its main findings on the general trends in the cyber threat landscape over the past year and a half.

Microsoft

Cyber ​​attacks

During 2020, many took place attacks related to COVID-19. However, according to Microsoft, these attacks were minimal compared to the total malware attacks occurred during these months. The pandemic played only a small role in hacking businesses of 2020.

The phishing attacks in business was very common during this time. The attackers were creating fake addresses that seemed to come from well-known companies, such as Microsoft, UPS, Amazon, Apple and Zoom. Microsoft said it blocked more than 13 billion malicious and suspicious messages in 2019, of which more than 1 billion contained URLs created for phishing.

Phishing is usually the first step in Business Email Compromise (BEC) scams. Scammers gain access to the inbox of a company executive, monitor their communications, then send messages to employees, pretending to be executives, and request large sums of money to be transferred to accounts.

However, Microsoft says attackers do not just use Phishing techniques to access accounts. They also take advantage of the habit of users to use the same passwords on different accounts and adopt "Password spray" techniques targeting old protocols e-mail, such as IMAP and SMTP. These attacks have been very popular in recent months, as they allow bypass multi-factor authentication (IMAP and SMTP connection does not support this feature).

In addition, Microsoft has observed that many hacking groups exploit public cloud-based public utilities services to save payloads for their attacks. They do not use their own servers. Finally, the teams change domains and servers much faster to avoid detection.

Ransomware

The most important threat in the last year and a half was ransomware. The most dangerous hackers were the so-called "big game hunters", Ie those who target large companies, from which they can earn a lot of money.

In most cases, attackers gain access to a network and wait for the right time to come. attack. According to Microsoft, this year ransomware gangs were very active and significantly reduced the time it took to launch an attack.

In some cases, criminals it took just 45 minutes to encrypt the entire network after initial access.

States hacking teams

The government hacking teams, also known as APT, have also been very active in the last year. From July 2019 to June 2020, Microsoft sent more than 13.000 alerts to its customers to alert them to this threat.

Most of the attacks came from Russians hackers and The victims were mainly in the USA.

The alerts alerted customers mainly to phishing attacks. Microsoft said it tried to crack down on some of these attacks by using court orders to close malicious domains.

According to the report, The primary targets of the APT attacks were non-governmental organizations. This finding contradicts other reports. Many experts argue that APT teams prefer to target critical infrastructure.

The most common tactics used by these hackers are:

  • Password spraying (Phosphorus, Holmium and Strontium)
  • Use of penetration testing tools (Holmium)
  • Spear-phishing attacks (Thallium)
  • Use web shells on backdoor servers (Zinc, Krypton, Gallium)
  • Use of exploits targeting VPN servers (Manganese)

Overall, Microsoft concludes that criminal gangs are developing more sophisticated techniques for their attacks as companies continually improve their defenses.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Digital Fortress
Digital Fortresshttps://www.secnews.gr
Pursue Your Dreams & Live!

LIVE NEWS

00:02:35

Bill Gates: Will he work with Biden on COVID-19 / climate change?

Microsoft co-founder Bill Gates said on Twitter that he is looking forward to working with the new US President, Joe Biden, and ...

What are the rumors circulating about the iPhone 13?

Apple iPhone 13 will have a redesigned Face ID system that will have a smaller notch at the top of the screen, ...

Biden: How was the political transition in the US captured on social media?

As Joe Biden was sworn in as President of the United States, this important political transition was captured on popular social media. On January 20, ...

CentOS ceases to be supported but RHEL is offered for free

Last month, Red Hat caused a great deal of concern in the Linux world when it announced the discontinuation of CentOS Linux.

Microsoft Office 365 employee passwords leaked online!

A new large-scale phishing campaign targeting global organizations has been found to bypass Microsoft Office 365 Advanced Threat Protection (ATP) and ...

COSMOTE and Microsoft provide new cloud solutions for businesses

COSMOTE and Microsoft expand their cooperation, offering even more advanced and high quality cloud solutions, in large and small ...

Cyber ​​attacks in Eastern Europe are on the rise!

The cyber-attacks that have taken place in many US government agencies and companies in recent months have caused concern in the developing countries of ...

Tesla reduces the prices of the Model 3 in Europe

Tesla has reduced the prices of the Model 3 in many European markets, which reductions could be partly linked ...

iOS, Android, XBox users in the crosshairs of a new malvertising campaign

Recently a new malvertising campaign was discovered that targets users of mobile and other connected devices and uses effective ...

Microsoft: "Zero trust" protects against sophisticated hacking attacks

According to Microsoft, the techniques used by the hackers of SolarWinds, were sophisticated but common and preventable. To avoid future attacks ...