Quarterly Threat Report: 2018 Q1

save
Share and earn Cybytes
Facebook Twitter LinkedIn Email

Spring is here! The sun is shining, the birds are chirping, and attackers are coming up with more convincing ways to steal user credentials. While fairer weather does not lull attackers into slowing their pace, it does mean that you can at least sit in the sunshine and read our findings from the past quarter before continuing the mission of defending your network against an often persistent, sometimes creative, and always-on-the-job adversary. This quarter’s report covers three main areas of concern for the modern IT defender:

User Identity:

Credential theft, reuse, and subsequent suspicious logins are—today—the most commonly reported significant incident we’re seeing across both small (<1,000 endpoints) and large organizations (≥1,000 endpoints).

DDoS:

The DDoS landscape just got a lot more interesting with the debut of a new technique using misconfigured—and plentiful—memcached servers. The memcached attack on GitHub was a harbinger of things to come for DDoS mitigation practices.

SMB and SMI:

Finally, we take a look at the increasing levels of SMB and Cisco SMI attacker probes and attacks, where the former continues to define the “new normal” level of background malicious behavior around Windows networking, and the latter begins to bring shape to this relatively new attack vector targeting core router infrastructure.

Download the report here to explore the findings! 

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
Follow
334 Followers
About Rapid7
Rapid7 (NASDAQ:RPD) powers the practice of SecOps by delivering shared visibility, analytics, and automation that unites security, IT, and DevOps teams. The Rapid7 Insight platform empowers these teams to jointly manage and reduce risk, detect and contain attackers, and analyze and optimize operations. Rapid7 technology, services, and research drive vulnerability management, application security, incident detection and response, and log management for more than 7,000 organizations across more than 120 countries, including 52% of the Fortune 100.
Promoted Content
30-Day Trial: UBA-Powered SIEM with Rapid7's InsightIDR
Rapid7 InsightIDR delivers trust and confidence: you can trust that any suspicious behavior is being detected, and have confidence that with the full context, you can quickly remediate. From working hand-in-hand with security teams, we understand how painful it is to triage, false-positive, vague alerts and jump between siloed tools, each monitoring a bit of the network. InsightIDR combines SIEM, UBA, and EDR capabilities to unify your existing network & security stack. By correlating the millions of events your organization generates daily to the exact users and assets behind them, you can reliably detect attacks and expose risky behavior - all in real-time.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel