GreyNoise Intelligence gives insights into 'Threat Detection events' via 2022 Mass Exploitation Report
GreyNoise Intelligence, a cybersecurity startup that uses data analysis to separate threats from background noise has released the first 2022 Mass Exploitation Report, a thorough look at the most major Threat Detection occurrences over the last year.
By ET Spotlight Special |
Agencies
According to Bob Rudis, Vice President of Research and Data Science at GreyNoise Intelligence, there are many types of vulnerabilities to consider when talking about cybersecurity. Most of those brought to the notice of the general public turn out to be unimportant.
Security analyst Andrew Morris claims that GreyNoise's "crucial tools and data" can be used to prioritize patching, identify and block malicious sources with confidence and that the company is in a unique position to help organizations understand which technologies are subject to widespread exploitation.
GreyNoise added approximately 230 new detection tags in 2022, up almost 38% over the year before. Researchers at GreyNoise have compiled the following data for their 2022 report on mass exploitation:
The F5 Big-IP iControl REST Authentication Bypass, CVE-2022-1388, and the celebrity vulnerability hype cycle are discussed. You can see how committed attackers are never to let a significant vulnerability go unpatched by looking into the breadth and depth of CVE-2022-26134, a bug in Atlassian Confluence.
5 Cybersecurity Threats To Watch Out For In 2022
1/6
In 2021, cyber criminals delivered a wave of cyber-attacks that were not just highly coordinated, but far more advanced than ever seen before. You may have read about recent cybersecurity incidents impacting some of the largest corporations in the world.
A flurry of new threats, technologies, and business models have emerged in the cybersecurity space as the world shifted to a remote work model in response to the COVID-19 pandemic and has subsequently moved to a ‘hybrid’ work culture.
These cyberattacks target everyone, but trends show that small businesses are one of the most common targets. Neelesh Kripalani, Chief Technology Officer of Clover Infotech, shares five cybersecurity threats that businesses should be prepared to mitigate in 2022:
In 2021, cyber criminals delivered a wave of cyber-attacks that were not just highly coordinated, but far more advanced than ever seen before. You may have read about recent cybersecurity incidents i..
Read More
Within the organization's set up, one can mitigate the common cybersecurity risks through a firewall, employee awareness, and stringent policies etc. However, when employees are working remotely, putting up cybersecurity measures becomes difficult. A recent survey from the UK and US-based security firm, Tessian, found that 56% of senior IT technicians believe their employees have picked up bad cyber-security habits while working from home. Some of the top cybersecurity risks associated with remote work include unsafe networks, use of personal devices, human error etc. Implementing security measures such as VPNs, anti-phishing tools, anti-virus, constant employee education etc. can help to mitigate the risk to a great extent.
Within the organization's set up, one can mitigate the common cybersecurity risks through a firewall, employee awareness, and stringent policies etc. However, when employees are working remotely, put..
Read More
Organizations are rapidly using the cloud to fast-track their digital transformation journey. Despite the increasing adoption of cloud, the data security still remains a key concern for many enterprises. Some of the top causes of cloud vulnerabilities are improper management of RDP (Remote Desktop Protocol), misconfigurations, weak authentication, and shadow IT use etc.
Organizations are rapidly using the cloud to fast-track their digital transformation journey. Despite the increasing adoption of cloud, the data security still remains a key concern for many enterpri..
Read More
Digital transformation is about becoming data-driven. The Internet of Things (IoT) is one of the key providers of that data. IoT devices are vulnerable mostly because they lack the necessary built-in security controls to defend against threats. As per Kaspersky, IoT cyberattacks have more than doubled in 2021 compared to the previous year. Vulnerabilities in IoT devices allows cyber criminals to gain access to the sensitive data and to further launch attacks against other connected systems.
Digital transformation is about becoming data-driven. The Internet of Things (IoT) is one of the key providers of that data. IoT devices are vulnerable mostly because they lack the necessary built-in..
Read More
The traditional story of ransomware was one of malicious code rapidly encrypting files with public-key RSA encryption, and then deleting those files if the victim did not pay the ransom. The 'Double Extortion Ransomware Attack' aka 'pay-now-or-get-breached' involves threat actors stealing data from organizations in addition to encrypting files. This means that, in addition to demanding a ransom to decrypt data, attackers can later threaten to leak the stolen information if an additional payment is not made.
The traditional story of ransomware was one of malicious code rapidly encrypting files with public-key RSA encryption, and then deleting those files if the victim did not pay the ransom. The 'Double ..
Read More
Credential stuffing is a cyber-attack in which credentials obtained from a data breach on one service are used to attempt to log in to another unrelated service. Such attacks are on the rise due to the more sophisticated bots that simultaneously attempt several logins, and appear to originate from different IP addresses. The main reason that credential stuffing attacks are effective is that many users reuse the same username/password combination across multiple sites. If this practice continues, credential stuffing will remain a serious threat.
Credential stuffing is a cyber-attack in which credentials obtained from a data breach on one service are used to attempt to log in to another unrelated service. Such attacks are on the rise due to t..
The impact of releasing CISA's inventory of exploitable vulnerabilities to defence organizations.
ADVERTISEMENT
In the 2022 Mass Exploitation Report, the most important threat detection events of 2022 are described, along with GreyNoise VP of Data Science Bob Rudis's projection for 2023.
Another noteworthy result ascribed to Rudis is that companies must prepare themselves for a rise in the number of assaults launched against their systems after access is given.
FAQs:
What is GreyNoise used for? GreyNoise gathers, analyzes, and labels data on IP addresses that search the internet and overwhelm security measures with noise.
Business News › News › International › US News › GreyNoise Intelligence gives insights into 'Threat Detection events' via 2022 Mass Exploitation ReportText Size:AAA
