Euromedia24 on Play Store Euromedia24 on App Sore
BNB

$870.47

BTC

$113082

ADA

$0.868816

ETH

$4608.63

SOL

$213.76

31 °

Yerevan

20 °

Moscow

45 °

Dubai

20 °

London

26 °

Beijing

23 °

Brussels

16 °

Rome

23 °

Madrid

BNB

$870.47

BTC

$113082

ADA

$0.868816

ETH

$4608.63

SOL

$213.76

31 °

Yerevan

20 °

Moscow

45 °

Dubai

20 °

London

26 °

Beijing

23 °

Brussels

16 °

Rome

23 °

Madrid

What cyber threats are relevant for the CIS countries?


"Kaspersky" presented the report "Landscape of threats for Russia and the CIS" in 2024 and the first quarter of 2023. In the document, the Kaspersky Cyber ​​Threat Intelligence team described current threats, compiled a list of attack tactics, techniques and procedures, as well as cyber risk mitigation measures.
The main conclusions of the report. Over the past year and a half, the threat of hacktivism has continued to gain momentum. Attackers target organizations with weak defenses without being tied to a specific branch, using any tool available on the open network. At the same time, groups that attack for espionage and financial gain, such as code hackers, are not slowing down.
Bad actors prefer not to change their scripts and attack the least prepared organizations from a cybersecurity perspective, for example by exploiting already known and widespread vulnerabilities in products that many organizations use.
Vulnerabilities in corporate network attacks. More than half of the most actively exploited CVEs were reported in the late last decade. The most common in 2023 and the first quarter of 2024 was CVE-2021-44228 (Log4Shell), a critical vulnerability in the Apache Log4j repository that allows remote code execution. In second place is Microsoft Windows and Microsoft Windows Server vulnerability CVE-2019-0708 (BlueKeep). In addition to remote code execution, it also allows you to view confidential information, elevate privileges, and tamper with the user interface. Also among the top three exploits is the OpenSMTPD mail server vulnerability CVE-2020-7247, which allows remote code execution and elevation of privileges. Vulnerabilities in endpoint attacks. For attacks on corporate devices in Russia and the CIS, criminals most often use vulnerabilities in 7-Zip and WinRAR archivers, as well as in the Google Chrome browser. Attackers exploited 7-Zip vulnerabilities (CVE-2023-31102/CVE-2023-40481 and CVE-2022-29072) in attacks against organizations in Russia and the CIS in the first quarter of 2024 and in 2023. Vulnerabilities in WinRAR (CVE-2023-38831) and Google Chrome (CVE-2023-1822/CVE-2023-1812/ CVE-2023-1813 etc.) are also among the most common. Most of the most actively used loopholes (9 out of 10) allow the execution of malicious code. Moreover, almost all of them were registered in 2023. The threat of encryption programs. Malicious actors exploit the vulnerabilities for attacks using encryption programs. In 2024, they continue to be one of the top threats to organizations around the world. the number of such attacks is at a consistently high level, the total size of the ransom is increasing, and companies are facing the complexity of decryption. The top three types of encryption software in the first quarter of 2024 are Dcryptor, Lockbit and Conti trojans. In the same period last year, the trio was as follows. Phobos, Lockbit and Conti: "In preparing the report, our goal was to present a comprehensive study of the current cyber threat landscape, as well as to demonstrate once again that properly structured information security processes and analysis of attacker tactics, techniques and procedures remain a reliable means of countering cyber threats. In particular, to prevent vulnerabilities from being used in attacks on organizations, it is important to build a remediation process or Patch Management. It is also necessary to use complex defense solutions that allow to quickly identify threats and eliminate them. In addition to technical measures, it is worth paying attention to increasing the digital literacy of employees, because in most cases attacks become possible due to the human factor," comments Nikita Nazarov, head of the extended threat research department at Kaspersky.

News

"Barcelona" will demand a resignation of 500 million for Frankie de Jong
Two comrades-in-arms, one in Baku prison, the other in Yerevan. this is the "real" Armenia. Khachatryan:
The Council of the Chamber of Advocates of the Republic of Armenia condemns the cases that hinder the realization of the right to receive legal assistance
The plane carrying the head of the Pentagon sent a distress signal and made an emergency landing
The gas supply of many addresses will be stopped on October 16 and 17
The best striker of Milan was injured
The truck out of the Yerevan-Syan highway reached the road from the road and appeared between trees
Important
The third strong outbreak was recorded on the sun. tomorrow what to expect, how magnetic storms affect people's health
The birth of General David Manukyan and Igor Sargsyan is the day. Both of the conscience prisoners. Lilit Galstyan
Mariam Mkrtchyan will receive a rank of women's grandmaster
Important
Beware of the "buyers" traps on the Internet. Ng
Car accident in Kotayk region. "Mercedes" and "Gazell" collided. There are 5 wounded
The perfect management system is a failure environmental field. These Ghazaryan (video)
Important
Jalal Harutyunyan moved to the penitentiary
The concrete mixer has been issued, there is a blocked citizen
Important
During 7-8 hours, no investigative action with me did. Lord tolerance
Charity Branch Konstantin Sarkisyan at One & only Theater (video)
The former husband of singer Sian demands $ 250,000 a month
Important
The RA government violates the right to religious freedom, not to give a provocation, stay strong.
At the end of the season, I will decide whether to continue playing or not. Mkhitaryan