     HP Catches Cybercriminals ‘Cat-Phishing’ Users

    Invoice lures were the weapon of choice last quarter, while threat actors used Living-off-the-Land techniques to evade detection

    PALO ALTO, Calif., May 16, 2024 (GLOBE NEWSWIRE) -- HP Inc. (NYSE: HPQ) today issued its quarterly HP Wolf Security Threat Insights Report, showing attackers are relying on open redirects, overdue invoice lures, and Living-off-the-Land (LotL) techniques to sneak past defences. The report provides an analysis of real-world cyberattacks, helping organizations to keep up with the latest techniques cybercriminals use to evade detection and breach PCs in the fast-changing cybercrime landscape.

    Based on data from millions of endpoints running HP Wolf Security, notable campaigns identified by HP threat researchers include:

    • Attackers using open redirects to ‘Cat-Phish’ users: In an advanced WikiLoader campaign, attackers exploited open redirect vulnerabilities within websites to circumvent detection. Users were directed to trustworthy sites, often through open redirect vulnerabilities in ad embeddings. They were then redirected to malicious sites – making it almost impossible for users to detect the switch.
    • Living-off-the-BITS: Several campaigns abused the Windows Background Intelligent Transfer Service (BITS) – a legitimate mechanism used by programmers and system administrators to download or upload files to web servers and file shares. This LotL technique helped attackers remain undetected by using BITS to download the malicious files.
    • Fake invoices leading to HTML smuggling attacks: HP identified threat actors hiding malware inside HTML files posing as delivery invoices which, once opened in a web browser, unleash a chain of events deploying the open-source malware AsyncRAT. Interestingly, the attackers paid little attention to the design of the lure, suggesting the attack was created with only a small investment of time and resources.

    Patrick Schläpfer, Principal Threat Researcher in the HP Wolf Security threat research team, comments:

    “Targeting companies with invoice lures is one of the oldest tricks in the book, but it can still be very effective and hence lucrative. Employees working in finance departments are used to receiving invoices via email, so they are more likely to open them. If successful, attackers can quickly monetize their access by selling it to cybercriminal brokers, or by deploying ransomware.”

    Written by globenewswire