Enterprises today must grapple with aggressive and highly innovative threats as they battle to conquer a cyber playing field with no rules.” The Check Point Global Threat Index is a monthly report that highlights live threat intelligence trends from around the world.
The report calls attention to significant global malware trends and to new attack vectors and once again demonstrates the importance of multi-layered security in preventing cyber threats.
One of the major takeaways from May is the exponential growth of SafePay, a newer and lesser-known ransomware group. SafePay has exploded to become the most prolific ransomware actor and uses a double-extortion strategy to encrypt victims’ files and simultaneously steal victim’s sensitive data to increase extortion pressure for payment.
Although not a Ransomware-as-a-Service (RaaS) operation, SafePay’s single point of centralization results in a similar modus operandi and targeted efforts and indicates a marked preference for German targets.
FakeUpdates (aka SocGholish) remains the most prevalent malware globally, affecting 5% of organizations across the globe. This downloader malware is part of the Evil Corp group of Russian hackers and spread through drive-by downloads from compromised/malicious web sites that enable installation of fake browser updates. It is a major carrier for secondary payloads following the primary infection.
The report also highlights the ongoing risk associated with Lumma infostealer, despite Europol’s and partners’ action to disrupt the associated cybercrime underground infrastructureersecurity matter than I need to?
With regards to attack methods, phishing remains a top threat type as it is involved in a large percentage of cloud-based security incidents. Supply chain weakness is also a top concern for 54% of businesses, further highlighting that one company’s risk can quickly become another’s.
These numbers are a hard evidence that cybercrime is a constantly growing and expensive menace. To create a more secure digital future, strategic investments in cybersecurity, enhanced public-private cooperation, and ongoing investment in our workforce are necessary.
