Emerging Threats//
CrazyHunter Ransomware
CrazyHunter is a ransomware campaign targeting healthcare that weakens endpoint defenses and escalates privileges before encrypting systems at scale.
It’s the 21st Cybersecurity Awareness Month, an effort kicked off in October 2004 by the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance that now draws participation from government agencies, corporations, and schools across the world.
This is a chance to remind everyone, including employees and customers, that there are simple, effective ways to keep yourself safe online, protect your personal data, and help secure our world. As a cyber threat intelligence firm, every month is Cybersecurity Awareness Month at Intel 471. We strive to understand who the most harmful cybercriminals are, how they infiltrate networks, and why they target your data. This digital threat landscape is our home field and we are constantly tracking how its players build and borrow new tactics, techniques, and procedures (TTPs). Our threat hunters develop these TTPs into “hunt packs” that help customers quickly run hunts to identify malicious behaviors in their environment and remove threats before they cause serious damage.
The key messages for the 2024 Cyber Awareness Month are:
- Use strong passwords and a password manager
- Turn on multi-factor authentication
- Recognize and report phishing
- Update software
We encourage everyone to improve their security with these measures, which are essential to remediate the exposures we focus on when sharing threat intelligence that help customers make better decisions about protecting their data. Enabling phishing resistant multi-factor authentication does help mitigate risks when infostealer malware has stolen employee credentials. When we discover actors using malware-less techniques — like a phishing kit that can bypass multi-factor authentication — we explain how customers can adapt their detection and defense strategies. When we find a threat actor selling credentials for a customer’s network on underground forums, they use this intelligence to proactively mitigate potentially vulnerable systems. And customers prioritize software patching the second they’ve mapped the weaponized vulnerabilities we track to their attack surface. Customers also have a chance to accelerate incident response when we discover a ransomware gang has posted a new victim on their name-and-shame blog — especially if it’s them, a partner, or a supplier. Timely threat intelligence evaluated by experts for credibility matters. Each piece of intelligence fuels the organization’s security operation and helps them reduce their cyber risks and continuously improve security posture.
Raising Collective Security with Memorable Advice
Communicating security best practices to the whole team in a simple, clear yet engaging way is critical to lifting collective security, and can be done internally via email memos.
We recommend to customers that each month they share practical, memorable, and human security advice that caters to everyone’s knowledge levels — from technical folks to customer support, human resources, sales teams, management, and even partners. An example might be offering timely tips for employees returning to work from vacations. Say you went on holiday with 10 browser tabs open but returned with 50 open. “Did your computer decide to explore the internet on its own, or do you just have a tab addiction? Either way, close them before they cause trouble.” And when you return to work to find your inbox overflowing with unread emails, don’t just start deleting them randomly, even though half might be junk. “Look out for any that begin with “Urgent!”— they’re likely the most dangerous, or they’re just from your boss.”
For Cybersecurity Awareness Month in 2024, we wanted to share a gift from our pros to you and your employees to help them protect your data from social engineering attacks. While there’s an endless supply of new malware and new vulnerabilities, phishing remains one of the greatest challenges in security. Social engineering still accounts for 70% to 90% of breaches — far ahead of any other method.
Ten Tips to Help Protect Your Staff Against Phishing
Feel free to share these 10 tips on how your staff can protect themselves when asked seemingly innocuous questions like, ‘What do you do for work?’ and ‘What does your company do?’. The tips won’t be new to many of you, but the important point is that they’re accessible and memorable when you’re asking for the attention of busy teams.
- Be Skeptical of Unsolicited Contact
If someone contacts you out of the blue asking for sensitive info, imagine they’re trying to sell you a timeshare. Politely decline and hang up. - Keep Personal Information Private
Oversharing on social media is like giving away spoilers for your own life story. Don’t be that person—keep the plot twists to yourself. - Use Strong, Unique Passwords
Your passwords should be like your favorite pizza toppings: unique, complex, and not something you’d share with just anyone. - Enable Two-Factor Authentication (2FA)
Think of 2FA as the bouncer at the club where your data likes to party. If someone tries to sneak in, they’ve got to show some serious ID first. - Be Aware of Phishing Attempts
If you get an email claiming you’ve won a million dollars, assume it’s as real as that Nigerian prince you “met” last year. Don’t take the bait. - Verify Before You Trust
If someone says, “Trust me,” hear it as, “I’m about to sell you a bridge.” Verify first, or you might end up with a very expensive imaginary bridge. - Educate Yourself and Others
Think of social engineering tactics as the plot of a really bad soap opera. Share the drama with everyone you know so they don’t get caught up in the nonsense. - Be Wary of Public Wi-Fi
Public Wi-Fi is like an all-you-can-eat buffet for hackers. If you must indulge, bring your own VPN “doggy bag” to keep your data safe. - Report Suspicious Activity
If you smell something fishy, report it faster than you’d call the waiter about a funky-smelling dish. Your IT team is the restaurant manager of your digital life—they need to know. - Trust Your Instincts
If something feels off, it’s probably a scam. Trust your gut—it’s been right about expired milk, and it’ll be right about this, too.
We encourage everyone to use this month to think of easy ways to help their employees, friends and family stay safe online and protect their data using key messages from Cyber Awareness Month 2024.
Security really is a collective effort.