Friday, March 31, 2023

It's all about technology

Most cyberattacks now exploit encrypted traffic

A new report from cloud computing security company Zscaler says that many modern cyberattacks take advantage of encrypted traffic, which means they are more difficult to identify and block.

The report states that businesses need to adopt a cloud-based, zero-trust architecture to better monitor internet-related traffic and fend off inbound threats.

A zero-trust architecture is defined as an enterprise cybersecurity architecture that is based on principles of zero trust and designed to prevent data breaches and limit internal lateral movement.

Based on more than 300 trillion daily signals and 270 billion daily transactions via Zscaler Zero Trust Exchange, the report indicates that in 2022 alone the company blocked about 24 billion cryptographic threats, most of them using TLS or SSL security protocols. These numbers represent a 20 percent increase from 2021 when the company blocked 20.7 billion such attacks and a 314 percent increase from 2020.

Zscaler says that in most cyberattacks, cybercriminals hide malware in encrypted traffic, and malicious scripts and payloads account for nearly 90 percent of all cryptographic attack methods blocked this year.

Among all the different types of malware, ransomware remains, according to Zscaler, one of the most destructive. There are also more popular strains of malware: ChromeLoader, Gamaredon, AdLoad, SolarMarker, and Manuscrypt.

According to the report, the top targets remain those in the United States, India, the United Kingdom, and Australia, with South African victims making it into the top five for the first time.

At 613 percent and 155 percent, respectively, Japan and the United States were among the countries that saw an increase in cyberattacks. The manufacturing industry remains the top target with an increase of 239 percent, mostly due to COVID-19 measures, which continue to dictate the way these businesses operate. Another notable industry was education, which saw a 132 percent increase year-on-year.

On the other hand, cyberattacks against government and retail organizations decreased by 40 percent and 63 percent, respectively, mostly because, according to Zscaler, law enforcement agencies were quick to go after the actors they targeted.

Deepin Desai, Chief Information Security Officer and VP of Security Research and Operations at Zscaler said that while organizations are improving their cyber defenses, adversaries are also getting more sophisticated, particularly in their use of circumvention tactics.

Desai added that potential threats continue to hide in encrypted traffic, aided by service models that significantly reduce the technical barriers to doing so.

Get notified whenever we post something new!

Continue reading

Stability AI CEO hints at IPO plans, calls for transparency in AI governance

During the Cerebral Valley AI Conference in San Francisco on Thursday, Emad Mostaque, the CEO and founder of Stability AI, revealed that he plans to take the open-source platform public within the next few years

Amazon’s Audible Tests Advertisements in Audiobooks for Non-Paying Users

Audible, the audiobook company owned by Amazon, has begun testing advertisements in its audiobooks. The experiment is currently limited to non-paying users

“Google Chrome and Classroom Launch New Features for Educators and Students, Including Reading Mode and AI-Powered Hand Raise Detection

Google has recently announced new features for educators and students that will be added to Chrome and Classroom. Among these features is the new “reading mode” for Chrome, which is an AI-powered feature that helps students with dyslexia and ADHD.