SMBs face surge in "malware free" attacks
"Malware free" attacks, attackers' increased reliance on legitimate tools and scripting frameworks, and BEC scams were the most prominent threats small and medium businesses faced in Q3 2023, says the inaugural SMB Threat Report by Huntress, a company that provides a security platform and services to SMBs and managed service providers.
Attackers deployed malware in 44% of cases, while the remaining 56% of incidents involved the use of "living off the land" binaries, scripting frameworks, and remote monitoring and management (RMM) software.
"In 65% of incidents, threat actors used RMM software as a method for persistence or remote access mechanisms following initial access to victim environments," they said.
Notably, 64% of identity-focused attacks SMBs faced in Q3 2023 involved malicious forwarding or other inbox rules, while 24% were associated with logons from unusual or suspicious locations.
60% of ransomware incidents affecting SMBs were attributed to uncategorized, unknown, or "Defunct" ransomware strains.
"Whether for monetization purposes through ransomware or BEC, or potentially even state-directed espionage activity, SMBs remain at risk from a variety of entities," the researchers added.
News URL
https://www.helpnetsecurity.com/2023/11/28/smbs-attacks-q3-2023/