Threat actors are actively modifying their TTPs to counter the advanced security mechanisms and tools to accomplish their illicit goals for several malicious purposes.
Hiding malicious traffic on cloud storage platforms is not an entirely new concept, and threat actors are shifting toward this concept.
Security researchers at Insikt recently identified that hackers actively exploit popular and trusted cloud platforms to hide malicious traffic.
This strategy boosts data theft efficiency and weakens the security mechanisms and defense implemented. In the case of exploitation of this approach, the APT groups take the lead, and the less advanced groups take the second lead.
This type of exploitation by hackers shows how robust, adaptable defense strategies and security mechanisms are needed to mitigate such evolving attacks.
In the report shared with Cyber Security News, researchers noted that limited reporting delays the exact trend analysis. However, the following key things suggest a rising trend in LIS abuse:-
Besides this, shifting threat tactics reduce the IOC blocking and efficacy of the basic detections. But, the solution for an effective defense system, the following things have to be performed:-
Security analysts analyzed more than 400 malware families, and they identified the following data:-
Most abused cloud platforms:-
Most abused messaging apps:-
For robust defense, properly learning about all the legitimate and malicious service usage is one of the key factors for comprehensive detection and security.
Here below, we have mentioned all the provided recommendations:-
Keep informed about the latest Cyber Security News by following us on Google News, Linkedin, Twitter, and Facebook.
A stealthy Command-and-Control (C2) infrastructure Red Team tool named ConvoC2 showcases how cyber attackers can…
Cybersecurity researchers have uncovered a sophisticated exploitation campaign involving a zero-day (0-day) vulnerability in Cleo…
GitLab announced the release of critical security patches for its Community Edition (CE) and Enterprise…
Researchers have uncovered a vulnerability that allows attackers to compromise AMD's Secure Encrypted Virtualization (SEV)…
Splunk, the data analysis and monitoring platform, is grappling with a Remote Code Execution (RCE)…
In a major international operation codenamed “PowerOFF,” Europol, collaborating with law enforcement agencies across 15…