Hackers employ nuanced tactics to evade detection

Threat actors evolved tactics, opting for a more nuanced approach that spread attacks across a broader timeframe to blend in with legitimate traffic and evade detection during peak holiday shopping times, according to Cequence Security.
The months before the 2023 holidays demonstrated a change in tactics, techniques, and procedures by adversaries against prominent retailers.
Attackers have shown that they are highly sophisticated and have great persistence and depth of planning.
Many companies, and retailers in particular, take the holiday season as their cue to focus more on security and begin to lock down their networks and applications.
In the second half of 2023 alone, gift card fraud increased by 110%, while scraping, loyalty card fraud and payment card fraud increased by a collective average of over 700% as attackers lay the groundwork for holiday sale attacks ahead of retailer security crackdowns.
These types of attacks are correlated and spiked together because those parts of the website, applications, and associated APIs are related, especially as they pertain to attacks.
This insight shows that these retailers were not experiencing simple brute force-style attacks in isolation, but sophisticated attacks from adversaries displaying highly varied TTPs. Rising threat of trust-building account takeovers.
Most online retailers encounter attacks that employ standard well-known account takeover tactics that peak during the holidays.
Account takeovers increased a staggering 410 times for retailers in the second half of the period analyzed.
The report shows that many products were added to carts via automated tooling to volumetrically flood systems, purchasing as many in-demand items as possible, effectively cornering the market and preventing sales to legitimate customers.
Whether it's Taylor Swift concert tickets or the latest hot sneaker drops, bots are a massive problem for fans and retailers alike.
With attackers constantly refining their tactics and expanding their arsenal, the need for a vast, historical threat intelligence database and an expert team to decipher the rapidly evolving API threat landscape has become increasingly paramount.
Across their entire customer base, Cequence detected malicious traffic from 719 million unique IP addresses and 325 million malicious login attempts from June to November 2023, highlighting the scale of today's threats.


This Cyber News was published on www.helpnetsecurity.com. Publication date: Tue, 02 Jan 2024 05:13:06 +0000


Cyber News related to Hackers employ nuanced tactics to evade detection

Hackers employ nuanced tactics to evade detection - Threat actors evolved tactics, opting for a more nuanced approach that spread attacks across a broader timeframe to blend in with legitimate traffic and evade detection during peak holiday shopping times, according to Cequence Security. The months ...
11 months ago Helpnetsecurity.com
Optimizing Cybersecurity: How Hackers Use Golang Source Code Interpreter to Evade Detection - Hackers have been upping the stakes when it comes to executing cyberattacks, and an increasingly popular tool in their arsenal is the Golang source code interpreter. Reportedly, the interpreter is used to obfuscate code, thus making it harder for ...
1 year ago Bleepingcomputer.com
Why Is an Australian Footballer Collecting My Passwords? The Various Ways Malicious JavaScript Can Steal Your Secrets - Unit 42 researchers have observed threat actors using malicious JavaScript samples to steal sensitive information by abusing popular survey sites, low-quality hosting and web chat APIs. In this article, we'll describe some of the tactics used by ...
1 year ago Unit42.paloaltonetworks.com
Week in review: 15 open-source cybersecurity tools, Patch Tuesday forecast - Wi-Fi 7's mission-critical role in enterprise, industrial networkingIn this Help Net Security interview, Tiago Rodrigues, CEO at Wireless Broadband Alliance, discusses the transformative world of Wi-Fi 7, exploring its features and the impact it ...
11 months ago Helpnetsecurity.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
PRODUCT REVIEW: ENEA QOSMOS THREAT DETECTION SDK - The Qosmos Threat Detection Software Development Kit is Enea's innovative solution to the demand for more robust, adaptable, and high-performance network threat detection platforms. ADVANCED THREAT DETECTION WITH SUPERIOR TRAFFIC VISIBILITY. ...
11 months ago Cybersecurity-insiders.com
A primer on storage anomaly detection - Anomaly detection plays an increasingly important role in data and storage management, as admins seek to improve security of systems. In response to these developments, more vendors incorporate storage anomaly detection capabilities into their ...
1 year ago Techtarget.com
Why It's More Important Than Ever to Align to The MITRE ATT&CK Framework - These missed attacks often stem from either hidden gaps in detection coverage - or due to alerts that got buried in a sea of noisy alerts and were never even pursued by the Security Operations Center team. In other words, we need to be able to report ...
1 year ago Cyberdefensemagazine.com
MacOS info-stealers quickly evolve to evade XProtect detection - Multiple information stealers for the macOS platform have demonstrated the capability to evade detection even when security companies follow and report about new variants frequently. A report by SentinelOne highlights the problem through three ...
11 months ago Bleepingcomputer.com
How Hackers Interrupted GTA 5 Online Gameplay on PC - Recently, a cyber-attack on Grand Theft Auto 5 Online on PC caused an interruption to thousands of players’ gameplays. The game was completely taken offline and players couldn’t even access the main gameplay menu. The attack caused an uproar ...
1 year ago Hackread.com
Hacker Conversations: Chris Evans, Hacker and CISO - Chris Evans is CISO and chief hacking officer at HackerOne. SecurityWeek's Hacker Conversations series seeks to understand the mind and motivations of hackers by talking to hackers. Evans challenges the common perception of both hackers and their ...
5 months ago Securityweek.com
Booking.com hackers increase attacks on customers - Hackers are increasing their attacks on Booking.com customers by posting adverts on dark web forums asking for help finding victims. Cyber-criminals are offering up to $2,000 for login details of hotels as they continue to target the people who are ...
1 year ago Bbc.com
Hackers Use Google Ads to Install Malware - NET malware loaders that were disseminated via malvertising attacks was discovered by SentinelLabs. The loaders, known as MalVirt, leverage the Windows Process Explorer driver for process termination together with obfuscated virtualization for ...
1 year ago Cybersecuritynews.com
GootBot Implant Heightens Risk of Post-Infection Ransomware - A "GootBot" implant, a variant of the notorious Gootloader malware, has been discovered by the IBM X-Force team. In an advisory published Monday, X-Force noted that Gootloader has typically been utilized as an initial access malware. The introduction ...
1 year ago Infosecurity-magazine.com
Sophisticated macOS Infostealers Get Past Apple's Built-In Detection - Increasingly sophisticated infostealers are targeting macOS with the capability to evade Apple's built-in malware protection, as attackers are becoming more savvy about how to crack static signature-detection engines like the platform's proprietary ...
11 months ago Darkreading.com
North Korean Hackers Use Fake Job Offers & Salary Bumps as Lure for Crypto Theft - Recent investigations have uncovered a massive operation carried out by North Korean hackers looking to steal cryptocurrency through fake job offers and salary bumps. According to recent reports, hackers have been able to trace the malicious ...
1 year ago Therecord.media
The Power of Endpoint Telemetry in Cybersecurity - Cisco - By filtering out unwanted data, this telemetry reduces noise and offers clear visibility into endpoint activities, including processes, parent-child process relationships, triggered events, files and network activity, whether malicious or benign. ...
2 months ago Feedpress.me
Building Your Defense Toolbox: Tools and Tactics to Combat Cyber Threats - The emergence of AI-powered malicious chatbots, such as WormGPT and FraudGPT, has enabled malicious threat actors to not only refine their skills but also consolidate all their malicious activities and tools into one, like a toolbox. Understanding ...
10 months ago Hackread.com
What is Identity Threat Detection and Response? - Identity Threat Detection and Response remains crucial for preventing unauthorized access and mitigating security breaches. The security of digital identities has never been more paramount, and Identity Threat Detection and Response is a 2024 ...
11 months ago Securityboulevard.com
Apple Faces New Security Dilemma as Infostealers Execute Stealthy Attacks - There is an increase in the sophistication of info thieves targeting macOS, allowing them to evade Apple's malware protection built into the operating system as these attackers have become better at cracking static signature-detection engines like ...
11 months ago Cysecurity.news
Hackers breach Australian court hearing database - The court system for Australia's second-most-populated state was hit by a ransomware attack that potentially exposed sensitive recordings of some court hearings. Court Services Victoria, an administrative body that supports the operations of the ...
11 months ago Therecord.media
FBI disrupts Moobot botnet used by Russian military hackers - The FBI took down a botnet of small office/home office routers used by Russia's Main Intelligence Directorate of the General Staff in spearphishing and credential theft attacks targeting the United States and its allies. This network of hundreds of ...
10 months ago Bleepingcomputer.com
Lazarus hackers drop new RAT malware using 2-year-old Log4j bug - The new malware are two remote access trojans named NineRAT and DLRAT and a malware downloader named BottomLoader. The D programming language is rarely seen in cybercrime operations, so Lazarus probably chose it for new malware development to evade ...
1 year ago Bleepingcomputer.com
The Emerging Landscape of AI-Driven Cybersecurity Threats: A Look Ahead - In recent years, the rapid advancement and integration of artificial intelligence into various sectors have not only brought about a revolution in efficiency and capability, but have also introduced a new frontier in cybersecurity challenges. This ...
11 months ago Securityweek.com
Microsoft: BlueNoroff hackers plan new crypto-theft attacks - Microsoft warns that the BlueNoroff North Korean hacking group is setting up new attack infrastructure for upcoming social engineering campaigns on LinkedIn. This financially motivated threat group also has a documented history of cryptocurrency ...
1 year ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)