Connect with us

Hi, what are you looking for?

Tech News

Top 5 Cyber ​​Threats for Businesses: What to Watch Out For

Top 5 Cyber ​​Threats for Businesses: What to Watch Out For

corporate threats.  (photo: Dir&Ge)
corporate threats. (photo: Dir&Ge)

The cyber criminals use different alternatives to carry out malicious activities, from exploiting misconfigured databases, to socialization techniques to trick employees into obtaining information or access permissions, a vulnerability in technology used by the organization or provider, or the use of weak and easily identifiable systems.

ESET states that although the ransomware is a particular kind of malware that concerns organizations due to its reputation and economic impact, is not the only form of cyber threat, rather, it is mainly aimed at companies. Next, top 5 corporate threats that highlights the company software specialized in cyber security:

1. Data leak or exposure

Advertisement. Scroll to continue reading.

It is caused by improper access to the organization’s systems. While on the network, some threat actors manage to avoid radar detection and conduct reconnaissance missions, seek out sensitive information to steal, and gain access to more important and valuable information. Initial ways of accessing a victim’s system vary, as attackers can use different vectors for their task.

While information leaks or disclosures can be the result of a variety of threats, such as a hack phishing malware download or brute force attacks, leaks are also caused by human error, such as a database misconfiguration or someone within the organization accessing the organization with unnecessary permissions and Sharing confidential information by mistake or intentionally.

2. Social engineering

Advertisement. Scroll to continue reading.

Social engineering has evolved, today there are many attacks that use bot voice to steal verification codes, campaigns of vishing via messaging apps like WhatsApp to call potential victims, but also through text messages.

The same thing happens in the social networkswhere attackers not only use fake profiles posing as friends, work contacts or organizations, but also employ techniques using software programs to extract follower information and thus capture certain user profiles.

Another thing to keep in mind is scams of a Business Email Compromise (BEC). The attackers pose as an executive or CEO of a company and demand, for example, an urgent transfer to a supplier.

Advertisement. Scroll to continue reading.

Attacks have also begun to be reported deep fake Y deep voice, where attackers use software based on artificial intelligence to impersonate real people through images and/or voices.

Example of a deep fake: on the left, the real photo of Barack Obama.  On the right, the result of using deep fake.  (photo: OpenDemocracy)
Example of a deep fake: on the left, the real photo of Barack Obama. On the right, the result of using deep fake. (photo: OpenDemocracy)

3. Brute force attacks

One of the most common ways cybercriminals use to gain access to corporate systems is through the use of brute force attacks.

Its goal is to crack the weak credentials of services exposed to Internet to gain access to the victim’s network and then perform other malicious actions, such as stealing information or deploying harmful malware. There are different types, like for example 2 of them:

Advertisement. Scroll to continue reading.

– Password spraying.

– Credential stuffing.

For it, cybercriminals use software, hardware and databases (from dictionaries, from the most common passwords to leaked credentials from past breaches) that allow them to automatically check username and password combinations until they find valid credentials for certain services.

Advertisement. Scroll to continue reading.

It is important to note that the use of weak passwords is a common practice and easy to root, so TechMarkup recommends read this note to create a password as secure as possible.

4. RATs, Remote Access Trojans

This type of malware is very dangerous for organizations due to its ability to spy and steal information. Through the command sent remotely you can:

Advertisement. Scroll to continue reading.

– Steal saved credentials in the Web navigator and of messaging apps.

– Run keylogger, which record keystrokes.

– Carry out screenshots.

Advertisement. Scroll to continue reading.

Take pictures from the camera of the computer either laptop.

– Register the Audio.

– Intercept communications

Advertisement. Scroll to continue reading.

Download other malware in the device.

There are several active RATs, some of the most used by cybercriminals are Agent Tesla, njRAT, WSHRAT, Remcos, among other. They are often distributed via phishing campaigns that include malicious attachments or links, via fake apps or installers, and more.

njRAT.  (photo: Pcrisk.es)
njRAT. (photo: Pcrisk.es)

5. Supply chain attacks

Another threat that organizations must consider is the supply chain; that is, if you are adequately prepared to face the consequences of an attack against a provider whose security management is beyond your reach.

Advertisement. Scroll to continue reading.

Usually these attacks take advantage of existing vulnerabilities in software vendors and distributed malicious actors, such as an update or app malicious, resulting in customer engagement from that vendor.

This allows cybercriminals to have a greater reach, as opposed to an attack that targets a single organization, engaging multiple businesses in the same campaign.

Advertisement. Scroll to continue reading.

Advertisement. Scroll to continue reading.
Advertisement
Advertisement

Related

OPPO Enco X2 are launched globally with ANC and autonomy of up to 40 hours;  see the price

Android

OPPO is finally launching this Monday (04) the Enco X2, its new pair of advanced wireless headphones with advanced features and promises of long...

“Rescue Mission 2″: Joe Russo reveals more details of the sequel with Chris Hemsworth “Rescue Mission 2″: Joe Russo reveals more details of the sequel with Chris Hemsworth

Entertainment

“Rescue Mission” is one of the most watched and most played films on Netflix. (Netflix) Since its premiere in 2020, Rescue Mission (Extraction) became...

Huawei announces mobile WiFi 3 Pro router, Tag and new colors for the P50 Pocket Huawei announces mobile WiFi 3 Pro router, Tag and new colors for the P50 Pocket

Android

At an event this Monday morning (04), Huawei presented several products, in addition to the long-awaited Nova 10 line phones. Among them is the...

Premieres in streaming: week of July 4 to 10 Premieres in streaming: week of July 4 to 10

Entertainment

The top premieres that you can enjoy this first week of July. (Apple TV+, Netflix, NBC, Paramount Pictures, Starzplay) These next 7 days of...

Advertisement

You May Also Like

Android

The realme GT 2 Pro and the Edge 30 Pro have the same objective of showing themselves as interesting options for the consumer, within...

Entertainment

Luciana is immersed in a circle of mysterious deaths of her relatives, which becomes smaller and smaller around her. (Netflix) The new Argentine film...

Tech News

Digital verification is essential in any online purchase (photo: ESAN) Digital identity is the most important process in an online purchase process, because in...

Entertainment

Four 12-year-old newspaper delivery girls travel back in time and their lives change forever. (Prime Video) Among the upcoming releases of the year, Papergirls...

Advertisement