This is a threat focus report on Drupalgeddon2

Recently, cybercriminals have managed to redirect web-based crypto-wallet DNS queries to a malicious mirror website. By doing so, they were able to steal $17m in Ethereum. The hackers pulled off a BGP (Border Gateway Protocol) hijacking attack on the website’s DNS service host, causing it to receive a false IP address and direct users to a phishing website. As a result, the users became victims of the attack, losing their stored wallet’s crypto-currency.

The 2018 edition of Webroot’s annual Threat Report shares a glimpse into their discoveries and analysis of threat activity throughout 2017, to equip you with the knowledge you need to overcome modern cybercrime.

The Webroot Threat Research Team has analyzed the data from our customer base during the first half of 2018. This mid-year threat report not only shows the stats, but also tells the story behind the headlines. The bottom line from our observations: it has never been more important to implement a robust, effective, multi-layered and continuously evolving security approach to keep valuable data and systems secure.

This report offers the following taglines - IoT device breaches undetectable by nearly half of companies, and use of blockchain technology to help secure IoT data, devices and services doubles in a year.

This report offers insight into OilRig an Iranian-linked Advanced Persistent Threat. It discusses who they are and why you should care.

The third quarter of 2017 saw an increase in the number of malicious apps flooding the mobile marketplace, the continued issues of imitation and trojan apps in official app stores, and the emergence of the WireX mobile botnet. In this report, they’ll give an overview of these mobile threats, as well as emerging trends they anticipate will be prevalent in Q4 and beyond to help you protect yourself and your customers.

RiskIQ uses its repository of scanned mobile application stores to perform analysis on threat trends in the mobile application space. Q2 showed a nearly 57 percent increase in blocklisted apps over Q1. Key threat trends include brand imitation, phishing, malware, malvertising scams crossing into the mobile realm, targetted attacks against MyEtherWallet, and the misuse of location data by major mobile providers.

RiskIQ uses its repository of scanned mobile application stores to perform analaysis on threat trends in the mobile application space. The first quarter of 2018 showed a 43 percent decrease in blocklisted apps over Q4. Key threat trends include brand imitation, phishing, malware. A spike in apps targeting cryptocurrency and high-profile threats from nation-state actors.

In this report, IntSights looks to identify which mobile platforms are gaining traction and may be the future backbone of the illegal cyber-economy. The data in this report will help you understand how dark web communication is changing with mobile adoption and how this impacts the way security teams monitor dark web activity. By reading this report, security teams can better prepare for this shift and be better resourced to evolve with it

In this research report, IntSights and Riskified will show the scope and severity of the current threat and fraud landscape for retailers. We will share key research findings and common examples of retail fraud and show how fraudsters commonly target retailers using their digital assets and the dark web. Additionally, we will explore the latest threats to the retail sector, such as tools, techniques and real-life examples, and we will close with our predictions for 2019.

In 2017 we saw a measurable increase in cyber attacks executed by State sponsored hacking groups and APT’s. The Top 5 Threat Actors highlighted in this report carried out some of the most notable and financially devastating attacks of 2017 and are likely sponsored by nation-states. Cyber-attacks have become, and will continue to be, key elements of twenty-first century political warfare and terrorism. We believe that the use of cyber terror and other state sponsored attacks will increase in 2018 after it’s success in 2017.

This report posits the opinion that state-sponsored cybercrime is the fastest growing threat in cybersecurity. They discuss how usually state sponsored groups attack other governments and militaries, but in the last few years they are starting to see more activity directed towards the financial sector.

From the report, “From the start of 2017 through the first half of 2018, cybercrime groups have generated billions of dollars worth of profit and have caused gross losses of more than $1 trillion to the markets because of their attacks, according to the World Economic Forum1. Over the past year, we have seen a surge in attempts to attack banks across both existing and new vectors, including targeting major bank transfer platforms (such as SWIFT), phishing emails and phishing websites to steal credentials (targeting both customers and employees), mobile malware and fake mobile applications, ATM scamming methods, ATM and PoS (Point of Sale) attacks, DDoS campaigns and attacks against e-banking interfaces.”

In this report, you’ll learn how many DevOps servers may be exposed based on a study done by the IntSights research team, how cyber criminals typically access open DevOps servers, and what you can do to protect yourself and your data from a DevOps cyber attack.

In this research report, they uncover the Dark Side of Asia to provide you with an inside look into key trends, laws, motivations and threat actors of the increasingly threatening Asian Internet community.

A first hand account of using open source intelligence techniques to discover publicly exposed data stores of healthcare information.

IntSights provides the industry’s most comprehensive view into internal and external threats facing the Gaming and Leisure industry. This report will demonstrate and classify threats that are actively underway, or being planned. This will enable security teams to better resource and fortify their infrastructure against attacks.

This report offers insight into how you can use the theory of 8 degrees of separation in threat research.

Mention the dark web and many people summon imagery of a massive, mysterious online criminal underground, where all manner of products and information are bought, sold, and traded, hidden away from the prying eyes of the public and law enforcement. But is that really what it’s like, or is that just cybersecurity marketing hype?

IntSights provides the industry’s most comprehensive view into external threats facing the automotive vertical. This report will help you scope the external threats actively underway or being planned. By reading this report, security teams can better resource and fortify their infrastructure against attacks.