Infoblox is pleased to publish our first Infoblox Quarterly Cyberthreat Intelligence Report. You can download your copy immediately.
This Q3 2020 report includes our data on threat activity publicly released from July 1, 2020, through September 30, 2020.
This data provides our original research context and insight into significant threats recently observed, detailed analysis of advanced malware campaigns and analysis of recent significant attacks. In some cases, we report and expand on original research published by other security firms, industry experts and university researchers.
Timely information on cyberthreats is vital to protect the user community at large. Infoblox threat reports generally include research on specific threats and related data, customer impacts, analysis of campaign execution, details of attack chains, and vulnerabilities and mitigation steps.
We may also share background information on the threat actors likely responsible for the particular incidents under review. Subscribers to our threat intelligence products and services will receive the full reports, which provide more comprehensive data, including an in-depth list of the indicators of compromise (IOCs) for the specific campaign, as well as other timely alerts and information.
Social Engineering and Email Spam Campaigns Continue to be Top Attack Vectors
Our researchers continue to see a large emphasis on email campaigns and socially engineered attacks designed to engage victims. In many of the threats we uncover, perhaps a majority, the intended victim must interact and cooperate for the attack to succeed, generating a need for the attackers to create campaigns that will successfully deceive victims.
Commercial and government enterprises are facing new challenges due to the Coronavirus pandemic. Teleworking has presented vulnerabilities that are more easily exploited by threat actors who continue to move aggressively to leverage these new opportunities. Remote workers require access to enterprise resources from a variety of endpoints, including both employer-provided and personal laptops, as well as a broad mix of mobile devices.
The cybersecurity procedures and security controls used within enterprise facilities are unable to provide the same level of security for remote locations. The enterprise security stack is far too complex to work remotely without significant changes, preparation and planning. The rate at which the pandemic has unfolded has been fast, widespread and unexpected. Given this rapid expansion, targeted organizations have had very little time to alter their existing cybersecurity measures to support a large-scale remote workforce. Consumer Wi-Fi connections, document shares on cloud folders, and home browsers configured with plug-ins and applications are just some of the many vulnerabilities that may introduce substantial risks that were not present before the pandemic.
Home routers are not always secure or updated to the level their manufacturers suggest. Workers at home may also be more inclined to view personal emails and other nonbusiness websites on employer-issued devices. Such viewings only increase the probability of encountering malware-laden advertisements (malvertisements) that could potentially compromise workers’ devices and, eventually, the enterprise.
Further, attackers are leveraging through social engineering the widespread demand for information about the severity of the pandemic to lure victims in. Remote workers may easily fall victim to malware-laden links in online forums, social media and small publications whose websites have been compromised. These challenges will remain a constant threat, especially to remote users.
Email campaigns remain one of the top attack vectors for threat actors. Emails with malicious attachments or URLs directing users to malware-laden websites remain a top threat for commercial, government and home users. Email spam campaigns are a prevalent theme in the research we produce on current threats, and our view is consistent with the FBI’s in that email-based scams will continue to grow and evolve through 2020 and beyond.
Download the report here: https://info.infoblox.com/resources-whitepapers-infoblox-q3-2020-cyberthreat-intelligence-report
We expect to publish our Q4 2020 Quarterly Cyberthreat Intelligence Report in January 2021. Please stay tuned!
If you want to know more about our products and services please reach out to us directly via sales@infoblox.com.
