Threat Detection Report: Cloud Attacks Soar, Mac Threats and Malvertising Escalate

March 15, 2024 at 06:57AM

Red Canary’s 2024 Threat Detection Report, based on the analysis of 60,000 threats and 216 petabytes of telemetry, highlights the rise of cloud account attacks, Mac malware, and the transformation of malvertising from adware to more dangerous malware. It emphasizes the increasing use of adversarial AI and the growing threats to Mac devices.

The key takeaways from the report are as follows:

1. **Cloud Account Attacks:** There has been a significant increase in cloud account attacks, particularly through the abuse of email forwarding rules (T1114.003) and the use and abuse of web APIs. These attacks are a notable concern and call for heightened defensive attention.

2. **Human Threat Vectors:** Despite the growth in CVEs, humans and their identities remain the primary threat. The report emphasizes the need to strengthen identity security controls and have a comprehensive plan for identity risk management to counter social engineering and unauthorized access attempts.

3. **AI in Security:** There is a growing use of adversarial and defensive AI, specifically gen-AI, in the security landscape. While AI may increase the scale and sophistication of attacks, the report suggests that the benefits of AI will outweigh the modest increases in risk from adversaries using it.

4. **Mac Device Threats:** Threats to Mac devices are increasing, with greater stealer activity, reflective code loading, and AppleScript abuse noted. Malvertising is evolving to deliver more than just adware, posing a significant threat to Mac devices.

5. **Ransomware and Malware Trends:** Despite the absence of ransomware groups in the top twenty threats, there is a substantial presence of ransomware precursors. Red Canary specializes in early detection, which kept ransomware groups from making it into the top threats for 2023.

These takeaways provide a comprehensive understanding of the evolving threat landscape and the security challenges that need to be addressed with urgency.
