ESET 2nd Quarter Threat Report 2021

Η ESET δημοσίευσε την Έκθεση Απειλών του 2ου τετραμήνου , στην οποία συνοψίζονται τα στατιστικά που καταγράφηκαν από τα συστήματα εντοπισμού της ESET, τα σημαντικότερα ευρήματα για απειλές από τις έρευνες κυβερνοof ESET, as well as data published for the first time in the market.

The recent one της Έκθεσης Απειλών της ESETυπογραμμίζει αρκετές ανησυχητικές τάσεις που καταγράφηκαν από την τηλεμετρία της ESET, όπως οι όλο και πιο επιθετικές τακτικές ransomware, οι πιο εντατικές επιθέσεις τύπου brute-force αλλά και των παραπλανητικών εκστρατειών which target people who work from home and perform many administrative tasks remotely.

eset threat report t2

Ransomware, which saw three major peaks during of the 2nd quarter, presented the largest ransom demands to date. The attack that shut down Colonial Pipeline – the largest pipeline company in the US – and the supply chain attack that exploited a vulnerability in Kaseya's IT management software sent shockwaves beyond the cybersecurity industry.

Both attacks appeared to be aimed at financial gain rather than cyber espionage, with the perpetrators of the Kaseya attack setting an ultimatum for payment of $ 70 million - the highest ransom demand to date.

"Ransomware gangs may have gone too far this time: the authorities' involvement in such high-profile incidents has forced several gangs to leave the field. But the same cannot be said for TrickBot, which seems to have recovered from last year's efforts, doubling its detection and new features, ”explains Roman Kováč, ESET chief research officer.

On the other hand, the definitive Emotet's launch at the end of April 2021 saw downloader detections cut in half compared to Q1 2021.
Password-guessing attacks, which often serve as a gateway for ransomware, increased further in the second four months.

Between May and August 2021, ESET detected 55 billion new brute-force attacks (+104% compared to Q1 2021) against Remote Desktop Protocol services with public . ESET Telemetry also saw an impressive increase in the average daily number of attacks per unique client, which doubled from 1.392 attempts per machine per day in Q1 2021 to 2.756 in Q2 2021.

Exclusive research presented in the Q2 2021 Threat Report includes findings on DevilsTongue spyware, which to spy on human rights defenders, dissidents, journalists, activists, and politicians, as well as a new spear phishing campaign by the APT Dukes group, which remains a primary threat to Western diplomats, NGOs, and think tanks.

A separate section is devoted to the new tools used by the highly active Gamaredon team targeting government agencies in Ukraine.

The 2nd Quarterly 2021 Threat Report also examines the most important findings and achievements of ESET researchers: a new APT team focusing on Windows and Linux systems, a variety of security issues in stalkerware applications for Android, and a different category of malware targeting IIS servers , which is highlighted in the Featured story section.

Finally, ESET's report includes an overview of a series of recommendations they gave and company experts over the past few months and presents talks scheduled for Virus Bulletin, AVAR, SecTor and many other conferences. It also provides an overview of ESET's participation in the MITER Engenuity ATT&CK® assessment, which will focus on the tactics, techniques and processes used by the Wizard Spider and Sandworm APT teams.

You can read it ESET Threat Report Q2 2021 (PDF) on ESET's blog, WeLiveSecurity. The Best Technology Site in Greecefgns

Subscribe to Blog by Email

Subscribe to this blog and receive notifications of new posts by email.


Written by newsbot

Although the press releases will be from very select to rarely, I said to go ... because sometimes the authors are hiding.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).