
KNOW your Attack Method of the Week: Data Breach

Here's how you can KNOW about the latest data breaches in the global threat landscape

Post by Rajarshi Mitra Sep 03, 2020

Today we’re highlighting attack methods, and the one we want to put in the limelight is “data breach.” As per the norm, let’s quickly take a look at our threat intel dashboard.

[Image: data breach]

Alright, so there are two things one needs to observe here. “Data breach” is

  • The third most referenced attack method in the last seven days.
  • The second most popular attack method for the last two months.

Why are data breaches so dangerous?

A data breach can be defined as a cyber security attack where a malicious actor steals an individual’s personal and confidential information. The information can include name, birth date, street address, bank account information, health care history, Social Security number, etc. To understand how devastating data breaches can be, think about what happened with Equifax. A small blunder on the company’s part led to the exposure of Social Security numbers, birth dates, home addresses, tax ID numbers, and driver’s license information of around 148 million people.

Exploring data breaches with KNOW

[Image: data breach]

When you click on data breaches in the dashboard, you will be redirected to the above page. The latest news articles regarding data breaches will be listed there, sorted by relevance. While this can be pretty handy, there is another cool way that you can learn more about the data breaches going on around you.

The other side of KNOW

KNOW is not just a threat intel dashboard; it is also a news aggregator serving up the latest, hottest-trending security stories of the moment for a bird’s-eye view of the global threat landscape.

The main news section of KNOW can be accessed here.

When you go to the “data breach” section, you will see the top trending stories:

[Image: data breach]

Let’s take a closer look at the story mentioned above.

There has been a spike in the number of malware-related attacks in the cryptocurrency industry. The malware targets cryptocurrency holders and steals the victim’s crypto-related files and payments. The malware is currently prevalent in Europe. The cyber security company ESET revealed that the malware uses the Tor client to communicate with its command-and-control servers on the Dark Web. The client is also used to load torrent files that will download other modules.

Besides collating all these stories, KNOW collects relevant tweets to give you more context about the breach. Along with that, KNOW gives you a small snapshot of all the malware, threat actors, etc. that are somewhat related to this incident.

In this case, KNOW has pinpointed five pieces of malware.

#1 Lokibot

  • Type: Botnet
  • Alias: Loki Bot, Loki Password Stealer, and LokiPWS.
  • Historically Linked to Campaign: Aggah campaign.
  • Recent Sandbox Sighting: AnyRun and Hybrid Analysis.
  • Historic Sandbox Sighting: AnyRun, Hybrid-Analysis, and CAPE.

#2 AveMaria

  • Type: Botnet
  • Alias: Loki Bot, Loki Password Stealer, and LokiPWS.
  • Recent Sandbox Sighting: AnyRun and Hybrid Analysis.
  • Historic Sandbox Sighting: AnyRun, Hybrid-Analysis, and CAPE.

#3 NetWiredRC

  • Type: RAT
  • Historic Sandbox Sighting: Hybrid-Analysis and CAPE.

#4 XMRig Miner

  • Type: Cryptocurrency Miner
  • Alias: XMRig.
  • Recent Sandbox Sighting: AnyRun and Hybrid Analysis.
  • Historic Sandbox Sighting: AnyRun, Hybrid-Analysis, and CAPE.

#5 FritzFrog

  • Type: Botnet
  • Historic Sandbox Sighting: Hybrid-Analysis.

If you need more context, you can click on each individual malware to learn more about what exactly you are dealing with.

From the Twitterverse

@GRC_eLearning

The Egress 2020 Insider Data Breach Survey found that 78% of employees put data at risk accidentally in the last 12 months.

@Asher_Wolf

Amazon won’t disclose identity of company linked to driver’s licence data breach, NSW Government says (but maybe the person who found the breach will?)

@SkurioC

Customers that don’t return make up almost 40% of the average cost per Data Breach

What is KNOW?

KNOW is Netenrich’s Threat Intel Platform that extracts data from billions of data points and correlates relevant intel and expert analyst insights to help you follow, search, and act—in a fraction of the time it takes now.

One of KNOW’s handiest tools is the trending threats dashboard, which gives you a bird’s eye view of the most potent malware, threat actors, methods, and vulnerabilities in the following time frames:

  • Last 7 days.
  • Last 60 days.

So, want to check out KNOW some more? Why don’t you sign up? Did we mention that it’s completely free?
Or subscribe to get daily threat intel updates.

About the Author

Rajarshi Mitra

Rajarshi is a creative and accomplished writer who made his mark in the blockchain space before stepping into cybersecurity. When he is not working, he is busy chilling with his wife and cat.
