Skip to content

DXC Security Threat Intelligence Report

Stay up to date on the latest threats, vulnerabilities and nation-state activities.

Mark Hughes, president of Security, DXC

The importance of being all in on cyber

Today’s cyber threats are more complex and sophisticated than ever before. That’s why, in both our professional and personal lives, we need to be diligent about always applying the best security practices.

THREAT UPDATE

Malicious Google ad impersonates Webex download portal

When a user clicks, it installs malware by using an exploit in tracking templates to surreptitiously redirect the user to a malicious site.

By the numbers

56%
of security leaders now meet at least monthly with their boards
Nearly 80%
of IT executives believe AI and machine learning will be either important or extremely important to improving their security posture by 2024
3.5 million
cybersecurity job openings worldwide in 2023
$1,300 to $1,400
amount spent per full-time employee on cybersecurity by the most advanced companies

THREAT UPDATE

BlueShell malware targets Linux and Windows servers

Increased attacks in systems in Korea and Thailand

THREAT UPDATE

SprySOCKS Linux RAT exploits public-facing servers

Cyber espionage group targets government agencies in multiple countries

By the numbers

74%
year-on-year increase in the number of cyberattacks on healthcare organizations in 2022
Nearly one-third
of organizations have weak password policies
14
new ransomware families discovered in 2023
$4.45 million
average cost of a data breach worldwide in 2023, a 15% increase over 3 years

Other news

Cybercriminals weaponize installer tool for cryptomining

Advanced Installer, a Windows tool for creating software packages, has been abused by threat actors to drop cryptocurrency-mining malware on infected machines since at least late 2021.

Phishing-as-a-Service gets smarter: Microsoft

Microsoft is warning of an increase in adversary-in-the-middle (AiTM) phishing techniques. These attacks are being propagated as part of a new phishing-as-a-service (PhaaS) cybercrime model.

Millions infected by spyware in fake Telegram apps

Spyware masquerading as modified versions of Telegram have been spotted in the Google Play Store. They’re designed to harvest sensitive information from compromised Android devices.

BlackCat ransomware hits Azure Storage with Sphynx encryptor

The BlackCat ransomware gang is using stolen Microsoft accounts and the recently spotted Sphynx encryptor to encrypt Azure cloud storage. Incident responders say the attackers have adopted a new Sphynx variant that offers added support for using custom credentials.

Vietnamese hackers go phishing with Facebook Messenger

A new phishing attack leverages Facebook Messenger to propagate messages with malicious attachments from fake and hijacked personal accounts. The ultimate goal: taking over targets’ business accounts.

New HijackLoader makes cybercrime waves

This malware loader uses various techniques to let criminals deliver payloads while flying under the radar. These techniques include syscalls, monitoring processes and delayed code execution.

PowerShell steals hashes from compromised PCs

This new cyberattack campaign leverages PowerShell scripts associated with a legitimate red teaming tool to plunder NTLMv2 hashes from compromised Windows systems. Most of the affected systems have been located in Australia, Poland and Belgium.

Retool’s cloud clients attacked by SMS-based phishing

Software developer Retool says the accounts of 27 cloud customers were compromised by a targeted SMS-based social engineering attack.

Subscribe for the latest threat updates.

 

 

DXC Security Threat Intelligence Report

Get the latest threat updates

Protect your enterprise. Subscribe to DXC's monthly report on the latest threats, breaches, cybercrimes and nation-state activities.