Ten threat operations were behind 44% of all cybersecurity incidents last year, with Russian state-sponsored hacking group APT28 and Cobalt Group being among the most prolific attackers, TechRadar reports.
Although the operations were global, attackers mostly used hacking infrastructure from China and Russia. Organizations in the IT and tech sectors were the most frequent targets of cyber intrusions, followed by those in the telecommunications and government industries, a report from SecurityScorecard revealed. The findings also showed the mounting prevalence of supply chain attacks.
Meanwhile, countries' gross domestic product figures were found to be significantly associated with their cybersecurity risk exposures, with researchers assigning the highest cybersecurity score to Northern Europe and the lowest to Central Asia.
"Progress starts with precise measurement. And until recently, cybersecurity lacked effective measurement... Security Ratings arm global leaders with a universal language to be relentlessly data-driven in managing cybersecurity risk," said SecurityScorecard CEO Aleksandr Yampolskiy.
As part of its latest attacks discovered in June, Tropic Trooper exploited several known Microsoft Exchange Server and Adobe ColdFusion vulnerabilities to distribute an updated China Chopper web shell on a server hosting the Umbraco open-source content management system.
More than 50 Alibaba-hosted command-and-control servers have been leveraged to facilitate the distribution of the backdoor, which impersonates the Java, bash, sshd, SQLite, and edr-agent utilities.
Angola and the Democratic Republic of Congo, which is a new Intellexa client, may have leveraged new Predator infrastructure to enable spyware staging and exploitation, according to an analysis from Recorded Future's Insikt Group.