In the first quarter of 2018, the number of cyber attacks against consumer-grade routers increased sharply, most of which were in fields such as education, construction, and biotechnology. The reason is that in our daily use, routers in these fields are highly concentrated and data transmission is intensive.
Cyberattacks on consumer routers increased fivefold in the first half of the year Attacks targeting routers have increased by 539% since the fourth quarter of 2017. The high number of attacks indicates that routers in some industries are frequently used and transmit a large amount of data. According to the investigation, cyber attackers are conducting cyber attacks by using legitimate Microsoft binaries, such as PowerShell and MSHTA, which are often used as tools to download and spread malicious code in the initial stage of malware infection. According to the survey, MuieBlackCat and ZmEu scanners were among the most popular tools in the first quarter, as they are both used to find vulnerabilities in PHP-based web servers. Researchers said that threat actors also use OpenVAS and NMAP scanners as tools to search for vulnerabilities. Hackers often use software that we use every day to attack "The prevalence of brute force attacks and outdated exploit attempts means that highly automated, low-capability threats are flooding the Internet's traffic," researchers said in the report. Most attacks on consumer routers involved information-gathering scans and intrusion attempts. The total number of router intrusions increased by 36% compared to last year, largely due to the exploitation of DNS manipulation vulnerabilities in consumer routers. At the same time, researchers also pointed out that while phishing attacks only accounted for a small portion of the total number of attacks observed, they maintained a fairly consistent success rate and often led to complete network compromise if not quickly resolved. Across all industries, phishing attempts increased by 39%, with the majority of attacks using DocuS transfers, Office 365 and OneDrive. To prevent this attack, users are advised to log Powershell activity on the network, block Word document macros, tighten user permission settings, implement application whitelisting, and keep antivirus defenses up to date. |
<<: Why 99% of business leaders are paying attention to this issue
Automakers are battling in court with Qualcomm, N...
Campus networks have a large number of users and ...
At the beginning of the month, I shared RAKsmart&...
On June 15, Aicrypt and Anbai Technology held a s...
It is 2019, and there is a serious problem that b...
[[188862]] In the past two years, consumer financ...
80VPS is a long-established Chinese hosting compa...
LOCVPS (Global Cloud) has announced the Double 11...
[[419264]] Recently, it is understood that even t...
The Guiding Opinions of the State Council on Deep...
In December, the Software Development Cloud launc...
[[394922]] This article is reprinted from the WeC...
Recently, the three major operators have successi...
ExtraVM is a foreign hosting company founded in 2...
Next, I will share some product and promotion inf...