HP Discovers Cyber Criminals Using ‘Cat-Phishing’ to Target Users

HP Inc., a technology company based in Palo Alto, California, released its quarterly HP Wolf Security Threat Insights Report on May 16, 2024. The report revealed that cyber attackers are employing various tactics such as open redirects, overdue invoice lures, and Living-off-the-Land (LotL) techniques to infiltrate systems undetected.

In the advanced WikiLoader campaign highlighted in the report, attackers exploited open redirect vulnerabilities in websites: users were first sent to trustworthy sites and then redirected to malicious ones. This made the switch difficult for users to detect, underscoring the need for robust cybersecurity measures.
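For site owners, the open redirect weakness described above is closed by validating the redirect target before issuing the redirect. The following is an added example, not code from HP's report or from this article; the function name `safe_redirect_target`, the allowlisted hosts and the sample values are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist: hosts this hypothetical site is willing to redirect to.
ALLOWED_HOSTS = frozenset({"www.example.com", "accounts.example.com"})
FALLBACK = "/"  # where to send the user when the requested target is rejected


def safe_redirect_target(target, allowed_hosts=ALLOWED_HOSTS):
    """Return target if it is a local path or an allowlisted https URL, else FALLBACK."""
    # Browsers drop tabs/newlines and read "\" as "/", so such input is
    # rejected outright instead of being normalised.
    if not target or any(ord(c) <= 0x20 or c == "\\" for c in target):
        return FALLBACK
    try:
        parts = urlsplit(target)
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return FALLBACK
    if not parts.scheme and not parts.netloc:
        # Relative reference: accept only a path rooted at a single "/".
        # "//host" and "///host" are read by browsers as another site.
        if target.startswith("/") and not target.startswith("//"):
            return target
        return FALLBACK
    # Absolute URL: https only, no userinfo, default port, exact host match.
    if (parts.scheme == "https"
            and parts.username is None and parts.password is None
            and port in (None, 443)
            and parts.hostname in allowed_hosts):
        return target
    return FALLBACK


if __name__ == "__main__":
    # Constructed sample values of a "next" redirect parameter.
    for sample in ["/invoices/42?view=pdf", "https://accounts.example.com/login",
                   "https://evil.example/", "//evil.example/x",
                   "https://www.example.com@evil.example/"]:
        print(f"{sample!r:45} -> {safe_redirect_target(sample)!r}")
```

Exact host matching is deliberate: suffix or substring checks accept look-alike hosts such as `www.example.com.evil.example`.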

Furthermore, the report identified instances where attackers abused the Windows Background Intelligent Transfer Service (BITS), a Living-off-the-Land technique, to download malicious files undetected. Threat actors were also found hiding malware inside HTML files disguised as delivery invoices; when opened in a web browser, these files deployed the open-source malware AsyncRAT.

Patrick Schläpfer, Principal Threat Researcher at HP Inc., emphasized the effectiveness of targeting companies with invoice lures, particularly in finance departments where employees are accustomed to receiving invoices via email. Successful attacks can lead to the monetization of access by selling it to cybercriminal brokers or deploying ransomware.

HP Wolf Security, a leading endpoint security solution, offers insights into the latest cybercriminal techniques by isolating threats that evade traditional detection-based tools. With over 40 billion interactions with email attachments, web pages, and downloaded files, HP Wolf Security has successfully prevented breaches for its customers.

The report also highlighted alarming trends in cyber threats: 12% of identified threats bypassed email gateway scanners, and the top threat vectors were email attachments, browser downloads, and other infection vectors. Additionally, 65% of document threats in the quarter used exploits to execute code.

Dr. Ian Pratt, Global Head of Security for Personal Systems at HP Inc., stressed the importance of a defense-in-depth approach to cybersecurity, especially in light of the evolving tactics used by cybercriminals. HP Wolf Security runs risky tasks in isolated environments to protect users without hindering productivity, providing valuable insights into intrusion techniques and threat actor behaviors.

The data for the report was compiled from consenting HP Wolf Security customers from January to March 2024, showcasing real-world cyber threats and attack trends. HP Inc. is a global technology leader offering innovative solutions for personal computing, printing, 3D printing, hybrid work, gaming, and more in over 170 countries.

HP Wolf Security is a comprehensive endpoint security solution designed to safeguard PCs, printers, and individuals from cyber threats. By combining hardware-enforced security with endpoint-focused services, HP Wolf Security offers unparalleled protection and resiliency against cyber predators. For more information, visit https://hp.com/wolf.
