Security News > 2023 > December > Cisco Talos Report: New Trends in Ransomware, Network Infrastructure Attacks, Commodity Loader Malware

We'll focus on three topics covered: the ransomware cybercriminal ecosystem, network infrastructure attacks and commodity loader malware.

More ransomware actors switched to extortion rather than encryption, while commodity loaders evolved to be stealthier and highly effective, although new major security improvements have seen the day in 2023, such as Microsoft Office disabling macros by default.

Multiple leaks of ransomware source code and builders also affected the ransomware threat landscape because these allowed more people to start their own operations.

Cisco Talos states that "Clop's repeated efforts to exploit zero-day vulnerabilities is highly unusual for a ransomware group given the resources required to develop such capabilities," yet it is still unsure that they do develop exploits on their own.

The improvements in ransomware detection capabilities from Endpoint Detection and Response and Extended Detection and Response software might be one reason for switching tactics and stopping deploying ransomware on the targeted systems.

The IcedID new samples have been used by initial access brokers known for commonly selling network accesses to ransomware groups.

News URL

https://www.techrepublic.com/article/cisco-talos-year-end-report/