Cyber Security
CrowdStrike Outs its Global Threat Report for 2024
CrowdStrike has announced the findings of the 2024 CrowdStrike Global Threat Report, highlighting a surge in adversaries leveraging stolen identity credentials to exploit gaps in cloud environments and maximize the stealth, speed and impact of cyberattacks. The report also details the biggest threats on the horizon for 2024, including the disruption of global elections and the exploitation of generative AI to lower the barrier of entry and launch more sophisticated attacks. In the 10th annual edition of the company’s seminal report, CrowdStrike highlights activity from some of the 230+ prolific threat groups that it tracks today.
Key findings in the 2024 report include:
- Dramatic Increase in Attack Velocity: The speed of cyberattacks continues to accelerate at an alarming rate. The report indicates that the average breakout time is down to only 62 minutes from 84 in the previous year (with the fastest recorded attack coming in at 2 minutes and 7 seconds). Once initial access was obtained, it took only 31 seconds for an adversary to drop initial discovery tools in an attempt to compromise victims.
- Stealthy Attacks Spike as Adversaries Compromise Credentials: The report notes a sharp increase in interactive intrusions and hands-on-keyboard activity (60%) as adversaries increasingly exploit stolen credentials to gain initial access at targeted organizations.
- Adversaries Follow as Business Moves to the Cloud: Adversaries turned their sights to the cloud through valid credentials – creating a challenge for defenders looking to differentiate between normal and malicious user behaviour. The report shows cloud intrusions increased by 75% overall with cloud-conscious cases amplifying by 110% Year-over-Year.
- The Exploitation of Generative AI on the Horizon: In 2023, CrowdStrike observed nation-state actors and hacktivists experimenting with and seeking to abuse generative AI to democratize attacks and lower the barrier of entry for more sophisticated operations. The report highlights how generative AI will likely be used for cyber activities in 2024 as the technology continues to gain popularity.
- Disrupting Democracy by Targeting Global Elections: With more than 40 democratic elections scheduled in 2024, nation-state and eCrime adversaries will have numerous opportunities to disrupt the electoral process or sway voter opinion. Nation-state actors are highly likely to conduct mis-or disinformation operations to sow disruption against the backdrop of geo-conflicts and global elections.
“Throughout 2023, CrowdStrike observed unprecedented stealthy operations from brazen eCrime groups, sophisticated nation-state actors and hacktivists targeting businesses in every sector spanning the globe. Rapidly evolving adversary tradecraft honed in on both cloud and identity with unheard-of speed, while threat groups continued to experiment with new technologies, like GenAI, to increase the success and tempo of their malicious operations,” said Adam Meyers, head of Counter Adversary Operations, CrowdStrike. “To defeat relentless adversaries, organizations must embrace a platform approach, fueled by threat intelligence and hunting, to protect identity, prioritize cloud protection, and give comprehensive visibility into areas of enterprise risk.”
Cyber Security
AmiViz Champions Cybersecurity Innovation at Leading MENA Events
AmiViz has announced its successful participation in two key regional cybersecurity conferences: MENA ISC 2024 in Saudi Arabia, and CYSEC UAE 2024 in the UAE. These events have served as a platform for AmiViz to collaborate with its top vendors, including Bitsight, Cequence Security, Picus Security, AlgoSec, BlackBerry, Check Point, Tenable, Asimily, and Threatcop, to showcase cutting-edge cybersecurity technologies and solutions.
Throughout these events, AmiViz engaged deeply with partners and customers, gaining invaluable insights into the unique cybersecurity challenges faced in the region. The focus was on promoting new technologies that address these challenges and enhance security protocols for businesses operating in the dynamic Middle Eastern market.
“Our presence at the MENA ISC 2024, and CYSEC UAE 2024 has been a remarkable opportunity for us to not only present our innovative solutions but also to understand firsthand the needs and pain points of our clients,” stated Ilyas Mohammed, COO at AmiViz. “Collaboration with our key vendors has allowed us to offer a comprehensive suite of cybersecurity products and services that cater specifically to the complexities of this region.”
AmiViz’s participation in these events underscores its commitment to advancing cybersecurity readiness and resilience across the Middle East. By leveraging strategic partnerships with leading global vendors, AmiViz continues to bring state-of-the-art cybersecurity solutions to the forefront, helping businesses protect their critical assets against increasingly sophisticated cyber threats.
AmiViz, along with its key vendors, will continue participating in major tech events, with plans for a strong presence at GITEX next month. Following GITEX, the company is gearing up for Black Hat in Saudi Arabia this November, showcasing its cutting-edge cybersecurity solutions to the region.
Cyber Security
UAE and Saudi Arabia Face Unprecedented 70% Rise in Threats: Positive Technologies
Positive Technologies experts have unveiled comprehensive research on the shadow market of cybercriminal services targeting the Gulf countries. The UAE and Saudi Arabian organizations remain in the crosshairs of cybercriminals, and over half of all posts on darknet forums are about selling data and access to local companies’ infrastructures. Researchers have highlighted a sharp increase in the free distribution of such data on the dark web, along with a surge in reports of DDoS attacks targeting the public sector and other industries. One in five ads analyzed was related to buying or selling access, with two-thirds available for under $1,000.
According to the research, cybercriminals remain focused on the two largest economies in the region—the UAE (40% of all posts) and Saudi Arabia (26%). The spotlight on darknet forums is on the public sector, which accounted for 21% of all analyzed posts. Most of the data (63%) related to regional government institutions was published for free as part of hacktivist attacks. Next in line for most popular on the dark web are commerce (16% of all ads), the service sector (15%), and financial institutions (13%).
Amid geopolitical tensions, hacker groups have ramped up calls for DDoS attacks and breaches to disrupt government institutions in the region. In the first half of 2024, the number of reports on the results of DDoS attacks on the dark web surged by 70% compared to the same period in 2023. Beyond the public sector, hacktivists also targeted the financial and transportation sectors.
According to the research, 33% of all the analyzed ads were linked to data breaches. One-third of these messages were about selling information. In these ads, criminals primarily offered databases stolen from major commerce companies, with an average cost of $2,300.
Positive Technologies analyst Anastasiya Chursina commented, “When compared to our previous research over a similar period, the share of freely distributed data almost doubled (up to 59%). This allows criminals to broaden the profiles of potential victims for targeted attacks. If the victim refuses to pay the ransom, both ransomware groups, as well as hacktivists (whose goal is to draw public attention to a political stance rather than just receive financial gain), can distribute data for free.”
Accessing company information resources is the second most common type of dark web ads, making up 21% of all listings. According to the research, in 70% of all cases, access can be bought for less than $1,000. The vast amount of access-for-sale ads on the darknet and their low cost make it easier for cybercriminals to gain initial access and launch attacks on organizations in the region.
Positive Technologies recommends that companies build their defences based on result-driven cybersecurity, using modern tools such as application-level firewalls, including cloud versions, network traffic analysis systems, solutions for monitoring information security events and managing incidents, as well as metaproducts.
Cyber Security
BotGuard OÜ to Offer Live Demos at GITEX GLOBAL 2024
BotGuard OÜ will present its intuitive, user-friendly cybersecurity solution at GITEX GLOBAL 2024, focusing on effective bot protection. Live demonstrations in Hall 25 stand H25-21 will showcase the ease and efficiency of the technology in securing websites against malicious attacks. “Our participation in GITEX GLOBAL 2024 underscores our commitment to addressing the escalating malicious bot attacks faced by organizations worldwide,” said Bertil Brendeke, Chief Revenue Officer (CRO) of BotGuard OÜ. “At GITEX, we aim to engage with industry leaders and stakeholders, sharing our expertise and practical technologies that can help fortify their defences.”
In 2023, 17% of API attacks involved bad bots exploiting business logic vulnerabilities. For hosting companies, such vulnerabilities can lead to unauthorised access to sensitive customer data or control over hosting resources, further emphasizing the need for reliable security protocols and regular audits of their systems. “BotGuard OÜ’s solutions are designed to address these exact challenges, enabling businesses to safeguard their digital assets. The technology is incredibly easy to use, making it accessible for businesses of all sizes,” the company said.
By participating in GITEX GLOBAL 2024, BotGuard OÜ aims to expand its reach in the Middle East, providing local businesses with the tools they need to combat cyber threats effectively. During the event, live demonstrations in Hall 25 stand H25-21 will showcase how their website protection can be set up within a minute. These demonstrations will highlight the efficiency and effectiveness of BotGuard’s solutions.
-
Cyber Security1 week ago
Global Cybersecurity Efforts Gain Momentum, But More Action Needed
-
Cyber Security1 week ago
Proofpoint Sets New Standard for Human-Centric Security
-
Homeland Security1 week ago
Homeland Security Market is Expected to Surpass $900 Bn By 2032
-
Homeland Security1 week ago
Lockheed Martin Delivers C-130J Super Hercules to Egypt
-
Events1 week ago
GITEX Digi_Health 5.0 Expo-Summit Asia Launches in Thailand
-
Cyber Security1 day ago
UAE and Saudi Arabia Face Unprecedented 70% Rise in Threats: Positive Technologies
-
Cyber Security2 days ago
BotGuard OÜ to Offer Live Demos at GITEX GLOBAL 2024
-
Cyber Security13 hours ago
AmiViz Champions Cybersecurity Innovation at Leading MENA Events