CHECKPOINT: AGENTTESLA TOPS MALWARE REPORT FOR OCTOBER, NEW THREAT DISCOVERED
The release of their Global Threat Index report for
October 2022 states that the malware has affected seven percent of
organizations worldwide, along with multiple attacks from Lokibot, an
infostealer, and Text4Shell, a new threat targeting Apache Commons Text.
Vice
President, Research at Check Point Software, Maya Horowitz, says, “We saw a lot of
change in the rankings this month, with a new set of malware families making up
the big three. It is interesting that Lokibot has climbed back to the third
spot so quickly, which shows an increasing trend towards phishing attacks.”
As
we head into November, which is a busy buying period, it is important that
people remain vigilant and keep an eye out for suspicious emails that could be
carrying malicious code. Be aware of signs such as an unfamiliar sender,
request for personal information and links. If in doubt, visit websites
directly and find the appropriate contact information from verified sources,
and make sure you have malware protection installed,” she concludes.
The
report also provided understanding on how these flagged viruses work. Lokibot
enters a computer system or network (usually Android and Windows devices) through
online or offline messaging, yet go unnoticed. It poses as a genuine
application on the device while harvesting sensitive information from a
victim’s system. Text4Shell (or CVE-2022-42889) is a newly identified
vulnerability that allows attacks over a network, without the need for any
specific privileges or user interaction and accounts for eight of cyberattacks
on organizations.
Furthermore,
the reports for Octpber enlists educational and research as the sector with the
most hits by cyberattacks with government and military as well as healthcare
following closely. Again, exploited vulnerabilities can lead to disclosure of
sensitive information, remote command executions, and coding running on
affected systems.
“This
month “Web Server Exposed Git Repository Information Disclosure” remains
the most commonly exploited vulnerability, impacting 43%
of organizations globally. This is followed by “Apache Log4j Remote
Code Execution” which remains in second
place with an impact of 41% and “HTTP Headers Remote Code
Execution” taking the third spot
with a global impact of 39%,” part of the report states.
Comments
Post a Comment