CHECK POINT: AGENTTESLA TOPS MALWARE REPORT FOR OCTOBER, NEW THREAT DISCOVERED


Cybersecurity solutions provider Check Point Software Technologies reports that AgentTesla, a remote access trojan (RAT)/keylogger, had the greatest impact on organizations across the globe.

Its Global Threat Index report for October 2022 states that the malware affected seven percent of organizations worldwide, alongside multiple attacks from Lokibot, an infostealer, and Text4Shell, a new threat targeting Apache Commons Text.

Vice President, Research at Check Point Software, Maya Horowitz, says, “We saw a lot of change in the rankings this month, with a new set of malware families making up the big three. It is interesting that Lokibot has climbed back to the third spot so quickly, which shows an increasing trend towards phishing attacks.”

“As we head into November, which is a busy buying period, it is important that people remain vigilant and keep an eye out for suspicious emails that could be carrying malicious code. Be aware of signs such as an unfamiliar sender, request for personal information and links. If in doubt, visit websites directly and find the appropriate contact information from verified sources, and make sure you have malware protection installed,” she concludes.

The report also explains how these flagged threats work. Lokibot enters a computer system or network (usually Android and Windows devices) through online or offline messaging, yet goes unnoticed. It poses as a genuine application on the device while harvesting sensitive information from the victim’s system. Text4Shell (CVE-2022-42889) is a newly identified vulnerability that allows attacks over a network without the need for any specific privileges or user interaction, and accounts for eight of cyberattacks on organizations.

Furthermore, the report for October lists education and research as the sector hit most by cyberattacks, with government and military as well as healthcare following closely. Again, exploited vulnerabilities can lead to disclosure of sensitive information, remote command execution, and code running on affected systems.

“This month “Web Server Exposed Git Repository Information Disclosure” remains the most commonly exploited vulnerability, impacting 43% of organizations globally. This is followed by “Apache Log4j Remote Code Execution” which remains in second place with an impact of 41% and “HTTP Headers Remote Code Execution” taking the third spot with a global impact of 39%,” part of the report states.
