Security News
"Malware free" attacks, attackers' increased reliance on legitimate tools and scripting frameworks, and BEC scams were the most prominent threats small and medium businesses faced in Q3 2023, says the inaugural SMB Threat Report by Huntress, a company that provides a security platform and services to SMBs and managed service providers. Attackers deployed malware in 44% of cases, but the remaining 56% of incidents included use of "Living off the land" binaries, scripting frameworks and remote monitoring and management software.
Despite advancements in IT security measures, SMBs remain firmly in the crosshairs of cybercriminals, according to Devolutions. Devolutions CEO David Hervieux states, "The results from our survey dovetail nicely with October's National Cybersecurity Awareness Month - as one of our primary goals with this report is to expand awareness of the vulnerabilities that many SMBs face. It's not just about presenting stats but about truly educating the industry on the various pitfalls - and how SMBs can use the survey findings to identify gaps, develop strategies, and make informed decisions regarding their cybersecurity posture."
Windows 11 will let admins mandate SMB client encryption for all outbound connections, starting with today's Windows 11 Insider Preview Build 25982 rolling out to Insiders in the Canary Channel. SMB encryption provides end-to-end encryption of data and can be enabled on a per-share basis, for the entire file server, or when mapping drives using Windows Admin Center, Windows PowerShell, or UNC Hardening.
Globally, 48% of SMBs have experienced a cybersecurity incident in the past year, while 26% of US SMBs have experienced more than one type of cyber breach. 75% of US SMBs say cyber threats are a major concern and 59% expect to increase their investment in cybersecurity in the coming year.
Microsoft added a new security feature to Windows 11 that lets admins block NTLM over SMB to prevent pass-the-hash, NTLM relay, or password-cracking attacks. This will modify the legacy approach where Kerberos and NTLM authentication negotiations with destination servers would be powered by Windows SPNEGO. When connecting to a remote SMB share, Windows will try to negotiate authentication with the remote computer by performing an NTLM challenge response.
In this Help Net Security interview, Pete Hoff, CISO at Wursta, offers advice to SMB security leaders and professionals on how to minimize the threat phishing presents to their organization's operations and long-term success. To minimize the danger of phishing, how can businesses create a culture of skepticism and caution among their employees? If they implement simulated phishing campaigns, how can they avoid eroding employee trust in the company? How can businesses make training programs more effective?
Small and medium-sized businesses are targeted by cyberattackers as much as large companies, the 2023 Verizon Data Breach Investigations Report has revealed; here are some cybersecurity controls they should prioritize. SMBs often underestimate their appeal as a potential target.
A new report from Kaspersky reveals the top cyber threats for SMBs in 2023. The biggest cybersecurity threat to SMBs is the use of exploits by attackers; there were 483,980 detections in the first five months of 2023.
Microsoft says SMB signing will be required by default for all connections to defend against NTLM relay attacks, starting with today's Windows build rolling out to Insiders in the Canary Channel. "This changes legacy behavior, where Windows 10 and 11 required SMB signing by default only when connecting to shares named SYSVOL and NETLOGON and where Active Directory domain controllers required SMB signing when any client connected to them," Microsoft said.
By analyzing a year's worth of APT campaign data they collected from the 200,000+ SMBs that have their security solution deployed, they pinpointed three main trends of attacks targeting SMBs in the space of a year. SMBs often lack adequate cybersecurity measures, making them vulnerable to all kinds of cyber threats.