Yoroi-Cybaze confirms that malware is still the most aggressive and pervasive threat to cyber security. The company has issued its Security Annual Report 2018, covering threats and attacks that bypassed the targets' security measures. The data were collected directly from the customer side.
Malware endures as the most aggressive and pervasive threat to cyber security, as Yoroi-Cybaze confirms in its Security Annual Report 2018. Experts observed an increased number of cyber attacks, and in many cases these reached a very high level of sophistication. Both nation-state cyber espionage groups and cybercrime organizations carried out attacks that had a severe impact on the victims. This is just the tip of the iceberg, since in many cases organizations are not able to detect threats, allowing them to cause huge damage to their infrastructure. The document analyzes every single attack and/or threat that has been managed by the experts at Yoroi. It provides a unique point of view because it describes threats and attacks that have bypassed the security measures implemented by the targets. Those data do not come from OSINT or CLOSINT, but have been collected directly from the customer side.
The report is divided into six sections, from the evolution of malware to new trends in cyber attack techniques and operations.
The Yoroi-Cybaze report is divided into sections. Each one is atomic and can be read independently of the others. The first one describes the evolution of malware in the threat landscape over the past twelve months. It also includes a special focus on 0-Day Malware and its propagation methods. The second reports observed data from the attack surface, focusing on analysis of the IP addresses and ASNs involved in the attacks. Section 3 describes the “blocked attacks” through Yoroi DNS protection during the year, while the fourth is focused on DarkNet activities observed by the cyber security researchers. The darknet can be exploited to hide C2 infrastructures or to carry out attacks while attempting to remain anonymous. This section provides data on the cyber attacks originating from resources hidden in the darknets and on communications from customers' infrastructures to darknets, likely associated with malware activity. Section 5 includes a wide analysis of the data leaks discovered and, finally, Section 6 describes new trends in attack techniques and operations.