March 22, 2024
Severity High Analysis Summary Ducktail Malware is a malicious program designed by hackers to infiltrate computers and networks globally. Ducktail malware is typically delivered through a […]
Rewterz Threat Alert – Amadey Botnet – Active IOCs
December 30, 2022
Rewterz Threat Alert – PatchWork APT Group Targeting Pakistan – Active IOCs
December 30, 2022
Rewterz Threat Alert – Amadey Botnet – Active IOCs
December 30, 2022
Rewterz Threat Alert – PatchWork APT Group Targeting Pakistan – Active IOCs
December 30, 2022
Rewterz presents its most recent Annual Threat Intelligence Report 2022. Our Threat Report brings you up to speed on the latest cyber security insight and information gathered at our numerous SOCs (Security Operations Centers) and endpoints. Based on firsthand observations, this data will assist your organization in properly allocating security resources as well as better understanding and equipping yourselves for the cyber risks of 2023 so that you are prepared for the worst in the upcoming years.
Insightful cybersecurity information gathered in Rewterz’s Annual Threat Intelligence Report 2022 can help organizations improve their security posture and implement a higher degree of protection. These findings are based on an analysis and examination of hundreds of thousands of servers, protected endpoints, and SOCs that we manage. To combat the evolving techniques of cyber threat actors and safeguard organisations’ Confidentiality, Integrity, and Availability (CIA), our SOC teams employ cutting-edge threat intelligence and manage real-time threat data via our Security Orchestration Automation and Response (SOAR) platform, SIRP.
This report provides readers with a thorough understanding of the nature of the threats organisations have confronted in 2022 while operating in the cyber realm. Based on data collected by our Threat Intelligence team, this report includes the following key findings:
- Throughout the Russian-Ukrainian cyber war outbreak, there was a global rise in cyberattacks compared to the previous year.
- The United States remains the biggest attacking country in 2022, similar to 2021. Russia ranked 3rd in 2021 and topped the list in 2020 has gone to 2nd place.
- Healthcare sector emerged as the most targeted sector this year, following Financial Services and Information Technology.
- Phishing is still the most dangerous threat to individuals and organizations. The financial sector has been most impacted by phishing attacks (24%) in 2022.
- Application-layer attacks are on the rise, as around 72% of the web application attacks were carried out using Cross-Site Scripting (XSS).
- 25% of the detected cyber attacks targeted Port 443.
- The leading virus detected by our Security Operations Centers (SOC) is Virus:Win32/Ramnit.A (71%), with most attacks originating from the USA.
- One of the factors influencing the evolution of APT is still geopolitics. Gamaredon APT is reported to be the most active and most malicious Advanced Persistent Threat
- Pakistan has seen a surge in APT group attacks this year with most of the cyberattacks carried out by Donot APT, SideWinder, Patchwork, and Bitter APT groups.
- Ransomware has increased exponentially during the pandemic and the Russian-Ukrainian cyber warfare and is expected to rise in 2023 as well.
To download a full copy of the Rewterz 2022 Threat Intelligence Report, please visit: Rewterz Threat Intelligence 2022