How Attackers Can Own a Business Without Touching the Endpoint

Attackers are increasingly making use of "networkless" attack techniques targeting cloud apps and identities. Here's how attackers can (and are) compromising organizations – without ever needing to touch the endpoint or conventional networked systems and services.

Before getting into the details of the attack techniques being used, let's discuss why these attacks are becoming more prevalent.



Comments

Post a Comment

Popular posts from this blog

FBI, CISA warn US hospitals of targeted BlackCat ransomware attacks

Image
By Sergiu Gatlan,  Bleeping Computer Today, the FBI, CISA, and the Department of Health and Human Services (HHS) warned U.S. healthcare organizations of targeted ALPHV/Blackcat ransomware attacks. "ALPHV Blackcat affiliates have been observed primarily targeting the healthcare sector," the joint advisory cautions. Today's warning follows an April 2022 FBI flash alert and another advisory issued in December 2023 detailing the BlackCat cybercrime gang's activity since it surfaced in November 2021 as a suspected rebrand of the DarkSide and BlackMatter ransomware groups. The FBI linked BlackCat to over 60 breaches during its first four months of activity (between November 2021 and March 2022) and said the gang has raked in at least $300 million in ransoms from over 1,000 victims until September 2023. "Since mid-December 2023, of the nearly 70 leaked victims, the healthcare sector has been the most commonly victimized," the three federal agencies warned in today...
Read more

Why remote desktop tools are facing an onslaught of cyber threats

Image
By Solomon Klappholz, IT Pro Hackers are increasingly targeting remote desktop tools in their attacks, new research reveals, prompting warnings for enterprises globally In the era of hybrid work, remote desktop tools have become vital business enablers, but due to their pervasiveness on corporate networks they have become a popular entry point for cyber criminals. If successfully exploited, remote access tools can provide hackers with a direct pathway into a system or network, and once access is gained attackers can move laterally within the network, escalating privileges and maintaining persistence. In an investigation into which remote desktop tools are targeted the most, Jonathan Tanner, senior security researcher at Barracuda Networks, explained that remote desktop software poses a particular challenge to IT teams to secure. “Among the security challenges facing IT teams implementing remote desktop software is that there are many different tools available, each using different and ...
Read more

London hospitals cancel over 800 operations after ransomware attack

Image
By Sergiu Gatlan,  Bleeping Computer NHS England revealed today that multiple London hospitals impacted by last week’s Synnovis ransomware attack were forced to cancel hundreds of planned operations and appointments. Formerly known as Viapath, Synnovis was established as GSTS Pathology in 2009 and switched to the Synnovis brand in October 2022. The organization was established as a partnership between SYNLAB UK & Ireland, Guy's and St Thomas' NHS Foundation Trust, and the King's College Hospital NHS Foundation Trust. Ongoing service disruptions at Guy's and St Thomas' NHS Foundation Trust, King's College Hospital NHS Foundation Trust, and primary care providers across South East London result from Synnovis being locked out of its systems by a June 3 attack linked to the Qilin ransomware operation. While memos issued by hospital officials revealed this "ongoing critical incident" has had a "major impact" on their procedures and operations ...
Read more