This Week in Security News May 21, 2021
ZDI Tops Omdia Vulnerability Disclosures Again and Robots May Take Over Cybercrime by 2030
Save to Folio
Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, read about how the ZDI dominated the number of disclosed vulnerabilities for the 13th year in a row. Also, read about what cybercrime may look like by the year 2030.
The Trend Micro Zero Day Initiative (ZDI) dominated the number of disclosed vulnerabilities for the 13th year in a row based on Omdia’s research into the vulnerability disclosure market. Omdia dove into all the 1,378 vulnerabilities disclosed by 11 vendors in 2020, of which the ZDI disclosed 825 (60.5%). This continued leadership has ensured Trend Micro customers have the best vulnerability research in the industry backing them up against the use of exploits in attacks by malicious actors.
This week during RSA conference, Dr. Victoria Baines of Oxford University and Rik Ferguson of Trend Micro used existing trends to forecast that society and everyday life will be likely even more wired — and wireless — than today, and that criminals would quickly adapt. The researchers predicted that cybercrime in the year 2030 will be run by computer programs that are intelligent, self-learning and difficult to defend against.
Malicious actors have been known to harvest cloud service provider (CSP) credentials once they get into their victims’ systems. In TeamTNT’s latest attack routine, Trend Micro observed new evidence that the cybercriminal group has further extended its credential harvesting capabilities to target multiple cloud and non-cloud services in victims’ internal networks and systems post-compromise.
Research from Mayra Rosario Fuentes, Senior Researcher at Trend Micro, shows that crooks are salivating for Microsoft bugs, which are the most requested and most sold exploits in the underground market. According to researchers, Microsoft products made up a whopping 47 percent of the requests and the exploit market is accommodating cybercrooks’ hunger for puncturing Microsoft products.
Today, advanced defense technologies are more prominent across business globally, which has forced attackers to shift their approach. The new approach is much more targeted and hidden, making modern ransomware more difficult than ever to spot and stop before it’s too late. Trend Micro Vision One is the answer to this problem, correlating suspicious activity across environments to identify and stop lateral movement from attackers before ransomware is dropped.
In May, a researcher released a proof-of-concept (PoC) exploit for a use-after-free, highly critical vulnerability in the HTTP protocol stack (http.sys) that could lead to wormable remote code execution (RCE). The publishing of a PoC code like this is typically the first step in the lifecycle of an exploit. According to Trend Micro’s Mayra Rosario Fuentes, the next step in that lifecycle is for crooks to sell it.
While much of President Biden’s cybersecurity executive order may not be new concepts, the potential for long term impact to federal cybersecurity is high and immediate. This blog from Trend Micro dives into three sections from the executive order, assessing their potential impact in reducing risk across the federal enterprise, as well as potential impact to other sectors.
FTC Reports Huge Jump in Cryptocurrency Scams
The Federal Trade Commission (FTC) recently revealed that between October 2020 - March 2021 nearly 7,000 consumers reported losing a total of $80 million from cryptocurrency scams. That compares to only 570 cryptocurrency scam reports during the same time a year prior, representing a more than 1,100 percent rise in cryptocurrency scam reports. As the value of cryptocurrencies continues to soar, new investors want in on the action, and scammers are more than willing to accommodate them.
Security and development teams have historically worked in siloes as both teams are responsible for different aspects of their company’s software. The is competing priorities, coupled with a large communications gap, has resulted in a cultural divide. DevOps is tasked with pushing out products at accelerating speeds, while SecOps is facing increasingly complex threats and an overload of alerts. To combat these problems, security needs to be built in by design – not an afterthought.
The North Carolina House of Representatives unanimously passed legislation that would prohibit state and local agencies from paying ransomware demands or communicating with criminal actors who attempt to encrypt government networks or steal data. While the FBI routinely advises victims to never pay, many do. The new bill also increases the reporting requirements in informing the state that they’ve been the victim of a ransomware incident and bars negotiating with ransomware actors.
The European Union Agency for Cybersecurity’s latest report lays out various recommendations for the security of connected and automated mobility (CAM). The report provides an overview of the cybersecurity challenges in the CAM sector, highlighting both the concerned CAM actors and related recommendations.
What do you think cybercrime will look like in 2030? Share in the comments below or follow me on Twitter to continue the conversation: @JonLClay.