Advertise

Vulnerabilities / Threats

1/7/2017
08:55 AM

Kelly Sheridan
Slideshows

Connect Directly

0 comments
Comment Now

What To Watch For With Ransomware: 2017 Edition

Ransomware will continue to evolve in 2017, bringing new and diverse threats to businesses. What changes are in store?

2 of 10

Ransomware will hit a plateau.

After an active year of online extortion, ransomware is poised to plateau in 2017, predict experts at Trend Micro. 2016 set the stage for more delivery methods, stronger encryption, and publicized code, which drove a 400% spike in the number of ransomware families between January and September.

While experts predict ransomware families will grow 25% in 2017, we have passed the tipping point. Businesses, rather than consumers, could be a primary target of these new families next year, reports Booz Allen Hamilton. Successfully extorting a business often leads to greater reward and lower risk for malware operators.

Criminals driven by stabilization will diversify their strategies so they can target larger businesses with more focused attacks. Ransomware that focuses on key parts of the Windows OS, like the MBR or system components' firmware, could likely become a new pathway.

(Image: R.A.R. de Brujin Holding BV via Shutterstock)

2 of 10

Comment |

Email This |

Print |

RSS

Comments

Oldest First | Newest First | Threaded View

[close this box]

Be the first to post a comment regarding this story.

Hot Topics

Editors' Choice

NSA Appoints Rob Joyce as Cyber Director

Dark Reading Staff 1/15/2021

Vulnerability Management Has a Data Problem

Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber, 1/14/2021

Who Is Responsible for Protecting Physical Security Systems From Cyberattacks?

IFSEC Global, Staff, 1/14/2021

Webinars

What We Can Learn from Sports Analytics

How Elite Analyst Teams are Transforming Security with Cyber Reconnaissance

5 Steps to Solving Modern Scalability Problems

Webinar Archives

White Papers

How to Prioritize Risk Across the Cyberattack Surface

The Insecure State of Microsoft Teams Security

Passwordless: The Future of Authentication

ROI Study: Economic Validation Report of the Anomali Threat Intelligence Platform

More White Papers

Cartoon Contest

Write a Caption, Win an Amazon Gift Card! Click Here

Latest Comment: This is not what I meant by "I would like to share some desk space"

Cartoon Archive

Current Issue

2020: The Year in Security

Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Assessing Cybersecurity Risk in Today's Enterprises

COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.

Download Now!

The Malware Threat Landscape

0 comments

How Data Breaches Affect the Enterprise (2020)

0 comments

Building an Effective Cybersecurity Incident Response Team

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-28452
PUBLISHED: 2021-01-20

This affects the package com.softwaremill.akka-http-session:core_2.12 from 0 and before 0.6.1; all versions of package com.softwaremill.akka-http-session:core_2.11; the package com.softwaremill.akka-http-session:core_2.13 from 0 and before 0.6.1. CSRF protection can be bypassed by forging a request ...

CVE-2020-28483
PUBLISHED: 2021-01-20

This affects all versions of package github.com/gin-gonic/gin. When gin is exposed directly to the internet, a client's IP can be spoofed by setting the X-Forwarded-For header.

CVE-2021-21269
PUBLISHED: 2021-01-20

Keymaker is a Mastodon Community Finder based Matrix Community serverlist page Server. In Keymaker before version 0.2.0, the assets endpoint did not check for the extension. The rust `join` method without checking user input might have made it abe to do a Path Traversal attack causing to read more f...

CVE-2020-25686
PUBLISHED: 2021-01-20

A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same...

CVE-2020-25687
PUBLISHED: 2021-01-20

A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory. This...

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]