Organizations are expected by KPMG analysts to lean more toward digital trust and zero trust implementation to combat cybersecurity threats in 2023, reports VentureBeat.
Establishing and maintaining digital trust will be gaining value among organizations as they seek to keep up with cyber regulations concerning artificial intelligence, digital infrastructure, and supply chain security, as well as transparency in attacks, said KPMG International Global Cybersecurity Leader Akhilesh Tuteja.
On the other hand, KPMG EMA Cybersecurity Leader Dani Michaux said that organizations should consider the shortening of the time window for cyberattack response amid threat actors' increasing use of automation. Growing security threats are poised to prompt organizations to adopt zero trust as they work on achieving perimeter-less security.
"Simply layering more and more protecting controls increasingly risks impeding the business. Getting the right balance between protection and rapid detection and response will be key to success and people need to be at the heart of that design," said KPMG U.S. Cybersecurity Leader Kyle Kappel.
Intrusions leveraging the vulnerability have facilitated the distribution of not only the GOREVERSE reverse proxy server but also the Condi malware, the Mirai botnet variant Jenx, and four other cryptocurrency mining payloads.
Attacks spreading the credential- and cryptocurrency wallet asset-stealing BeaverTail malware variant that delivers that information-stealing Python-based InvisibleFerret backdoor were initially conducted by Lazarus Group via fake job offers that dupe targets into executing a malicious Node.js project.
Developers have been subjected to intrusions involving the exploitation of LinkedIn to deliver a ZIP file purporting to be a Python coding challenge but contains the novel COVERTCATCH malware.