Corporate Fort

Most Wanted Malware: Trickbot, Emotet and the Log4j plague in 2021

By Contributor, January 13, 2022

Check Point Research, the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions globally, has published its latest Global Threat Index for December 2021.

In a month that saw the Apache Log4j vulnerability sweep the internet, researchers reported that Trickbot is still the most prevalent malware, albeit at a slightly lower rate, affecting 4% of organizations worldwide (5% in November). The recently resurgent Emotet has swiftly risen from seventh position to second. CPR also reveals that the most attacked industry continues to be Education/Research.

This month “Apache Log4j Remote Code Execution” is the most exploited vulnerability, affecting 48.3% of organizations globally. The vulnerability was first reported on December 9th in the Apache logging package Log4j – the most popular Java logging library used in many Internet services and apps with over 400,000 downloads from its GitHub project.

The vulnerability caused a new plague, impacting almost half of all companies worldwide in a very short space of time. Attackers are able to exploit vulnerable apps to execute cryptojackers and other malware on compromised servers. Until now, most of the attacks have focused on cryptocurrency mining at the expense of the victims; however, advanced attackers have started to act aggressively and take advantage of the breach on high-quality targets.

“Log4j dominated headlines in December. It is one of the most serious vulnerabilities we have ever witnessed, and due to the complexity in patching it and its easiness to exploit, it is likely to stay with us for many years to come unless companies take immediate action to prevent attacks,” said Maya Horowitz, VP Research at Check Point Software. 

“This month we have also seen the Emotet botnet move from the seventh most prevalent malware to the second. Just as we suspected, it has not taken long at all for Emotet to build a strong foothold since it resurfaced in November. It is evasive and is spreading fast via phishing emails with malicious attachments or links. It is now more important than ever to have a robust email security solution in place and to ensure that users know how to identify a suspicious looking message or attachment.” 

CPR revealed this month that Education/Research is the most attacked industry globally, followed by Government/Military and ISP/MSP. “Apache Log4j Remote Code Execution” is the most commonly exploited vulnerability, impacting 48.3% of organizations globally, followed by “Web Server Exposed Git Repository Information Disclosure” which affects 43.8% of organizations worldwide. “HTTP Headers Remote Code Execution” remains in third place in the top exploited vulnerabilities list, with a global impact of 41.5%.

Top malware families

*The arrows relate to the change in rank compared to the previous month.

This month, Trickbot is the most popular malware, impacting 4% of organizations worldwide, followed by Emotet and Formbook, both with a global impact of 3%.

In Kenya, AgentTesla is the most popular malware impacting 19.18% of organizations in the country, followed by Glupteba at 10.96% and Formbook with a country impact of 9.59%.

  1. ↔ AgentTesla – AgentTesla is an advanced RAT (remote access Trojan) that functions as a keylogger and password stealer. Active since 2014, AgentTesla can monitor and collect the victim’s keyboard input and system clipboard, and can record screenshots and exfiltrate credentials entered for a variety of software installed on the victim’s machine (including Google Chrome, Mozilla Firefox and Microsoft Outlook email client). AgentTesla is openly sold as a legitimate RAT with customers paying $15 – $69 for user licenses.
  2. ↑ Glupteba – Known since 2011, Glupteba is a backdoor that gradually matured into a botnet. By 2019 it included a C&C address update mechanism through public BitCoin lists, an integral browser stealer capability and a router exploiter.
  3. ↔ Formbook – First detected in 2016, FormBook is an InfoStealer that targets the Windows OS. It is marketed as MaaS in underground hacking forums for its strong evasion techniques and relatively low price. FormBook harvests credentials from various web browsers, collects screenshots, monitors and logs keystrokes, and can download and execute files according to orders from its C&C.

Top Attacked Industries Globally:

This month, Education/Research is the most attacked industry globally, followed by Government/Military and ISP/MSP. In Africa the most attacked industry is Communications followed by ISP/MSP and Finance/Banking.

Top exploited vulnerabilities

This month, “Apache Log4j Remote Code Execution” is the most commonly exploited vulnerability, impacting 48.3% of organizations globally, followed by “Web Server Exposed Git Repository Information Disclosure” which affects 43.8% of organizations worldwide. “HTTP Headers Remote Code Execution” remains in third place in the top exploited vulnerabilities list, with a global impact of 41.5%.

  1. ↑ Apache Log4j Remote Code Execution (CVE-2021-44228) – A remote code execution vulnerability exists in Apache Log4j. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.
  2. ↔ Web Server Exposed Git Repository Information Disclosure – An information disclosure vulnerability has been reported in Git Repository. Successful exploitation of this vulnerability could allow an unintentional disclosure of account information.
  3. ↔ HTTP Headers Remote Code Execution (CVE-2020-10826, CVE-2020-10827, CVE-2020-10828, CVE-2020-13756) – HTTP headers let the client and the server pass additional information with an HTTP request. A remote attacker may use a vulnerable HTTP Header to run arbitrary code on the victim machine.

Top Mobile Malware

This month, AlienBot takes first place among the most prevalent mobile malware, followed by xHelper and FluBot.

  1. AlienBot – AlienBot malware family is a Malware-as-a-Service (MaaS) for Android devices that allows a remote attacker, as a first step, to inject malicious code into legitimate financial applications. The attacker obtains access to victims’ accounts, and eventually completely controls their device.
  2. xHelper – A malicious application seen in the wild since March 2019, used for downloading other malicious apps and displaying advertisements. The application is capable of hiding itself from the user and can even reinstall itself in the event that it was uninstalled.
  3. FluBot – FluBot is an Android botnet distributed via phishing SMS messages, most often impersonating logistics delivery brands. Once the user clicks the link inside the message, FluBot is installed and gets access to all sensitive information on the phone.

Check Point’s Global Threat Impact Index and its ThreatCloud Map are powered by Check Point’s ThreatCloud intelligence. ThreatCloud provides real-time threat intelligence derived from hundreds of millions of sensors worldwide, over networks, endpoints and mobiles. The intelligence is enriched with AI-based engines and exclusive research data from Check Point Research, the intelligence and research arm of Check Point Software Technologies.

The complete list of the top 10 malware families in December can be found on the Check Point blog.
