Bitdefender Threat Debrief | April 2023

Bitdefender Threat Debrief | April 2023

MDR Insights

The recent survey conducted by Bitdefender highlights some concerning trends in the state of cybersecurity. The fact that more than half of organizations have suffered a data breach in the past 12 months is alarming, and the majority of those affected have been asked to keep the data leak under wraps, which can make it difficult to take appropriate action to protect against future breaches. 

The recent trend of threat actors identifying vulnerabilities with PoC (Proof-of-Concept) targeting popular software (a few examples are Log4j, Microsoft Exchange, VMware ESXi or the most recent vulnerability in MSMQ) and quickly weaponizing them could explain why vulnerability and zero-day exploits are seen as the biggest risk by a majority of respondents in the Bitdefender survey. 

This approach allows attackers to exploit vulnerabilities in software before patches are released, putting organizations at risk of a data breach. Once a vulnerability has been weaponized, it can be rapidly disseminated to other attackers, making it difficult for organizations to defend against. 

As a result, it is critical for organizations to have effective patch management processes in place to ensure that vulnerabilities are identified and patched as quickly as possible. Additionally, having robust detection and response capabilities can help to identify and mitigate attacks that bypass traditional security measures. 

It is worth noting that upcoming legislation such as the NIS2 Directive from the European Union and the US National Cybersecurity Strategy 2023 are attempting to shift the responsibility for cybersecurity to software vendors. This has the potential to change the security landscape significantly. 

If software vendors are held accountable for security vulnerabilities in their products, it could lead to a stronger focus on security during the development process. This could result in better-quality software with fewer vulnerabilities and a more secure overall environment for users. 

Ransomware Report

Spear phishing attacks are often used as an initial attack vector and ransomware infection is often the final stage of the kill chain. For this report, we analyzed malware detections collected in March 2023 from our static anti-malware engines. Note: we only count total cases, not how monetarily significant the impact of infection is. Opportunistic adversaries and some Ransomware-as-a-Service (RaaS) groups represent a higher percentage compared to groups that are more selective about their targets, since they prefer volume over higher value. 

Article Link: Bitdefender Threat Debrief | April 2023