Anzeige
Mehr »
Login
Sonntag, 22.12.2024 Börsentäglich über 12.000 News von 679 internationalen Medien
Die erste börsennotierte Gesellschaft, die auf das gemeinsame Wachstum von Solana, XRP und Dogecoin setzt!
Anzeige

Indizes

Kurs

%
News
24 h / 7 T
Aufrufe
7 Tage

Aktien

Kurs

%
News
24 h / 7 T
Aufrufe
7 Tage

Xetra-Orderbuch

Fonds

Kurs

%

Devisen

Kurs

%

Rohstoffe

Kurs

%

Themen

Kurs

%

Erweiterte Suche
PR Newswire
437 Leser
Artikel bewerten:
(2)

Heimdal Security Presents its Latest Report on Brute-Force Cyber Attacks

Finanznachrichten News

COPENHAGEN, Denmark. , July 25, 2024 /PRNewswire/ -- An investigation by Heimdal, a leading cybersecurity company, reveals that the EU is facing a surge in brute force cyber attacks on corporate and institutional networks, primarily originating from Russia.

These attackers exploit Microsoft infrastructure, particularly in Belgium and the Netherlands, to avoid detection.

The investigation into the Russian brute-force campaign has revealed several critical insights:

  • Attackers are aiming for High-Value Targets (HVTs)
  • Key infrastructure cities like Edinburgh and Dublin have been frequently targeted
  • Over half of the attack IP addresses are linked to Moscow, targeting major cities in the UK, Denmark, Hungary, and Lithuania
  • The rest of the investigated attack IPs can be traced back to Amsterdam and Brussels
  • Major ISPs like Telefonica LLC and IPX-FZCO were significantly abused
  • Heimdal's data shows these attacks date back to May 2024 but may have been happening even longer.

Read the full report here: heimdalsecurity.com/blog/russia-brute-force-attacks-europe/

Prevalent Infiltration and Attack Techniques

The attackers primarily target administrative accounts using various case combinations and language variants.

Over 60% of attack IPs are new, with approximately 65% recently compromised and the rest previously abused, revealing a constantly evolving threat.

The threat actors employ known attack principles such as SMBv1 crawlers, RDP crawlers, and RDP alternative port crawlers, exploiting weak or default credentials through password guessing, spraying, and stuffing.

Additionally, their use of legitimate Microsoft infrastructure broadens the attack surface and complicates detection and response.

Data shows that attackers have actively exploited Microsoft infrastructure from the Netherlands and Belgium to increase their attack range and success odds.

Russia Leveraging State-Owned Networks to Propagate Attack

Major ISPs like Telefonica LLC and IPX-FZCO are significantly abused, with the former accounting for 27.7% of attacks from Russia.

The attackers also leveraged resources from Russian allies, including Indian telecom companies Bharat Sanchar Nigam Limited and Bharti Airtel Limited, both of which have faced recent data breaches.

Scope of Brute-Force Campaign

Russia's motivation behind these cyberattacks is multifaceted.

The reasons for these actions likely include aims to destabilize and disrupt critical infrastructure in Europe, extract sensitive data, gain financial advantage to fuel ongoing cyber-war efforts, or deploy malware.

The threat actors' mandates can span multiple types of subversive cyber-warfare ops, including seek-and-destroy, disruption of critical assets, and sabotage.

A Wake Up Call for the European Union

This persistent threat underscores the need for cybersecurity measures within EU countries, including strengthening cloud security, enforcing multi-factor authentication, conducting regular security audits, and educating employees.

Morten Kjaersgaard, Founder of Heimdal, said:

"This data shows that an entity in Russia is waging a hybrid war on Europe, and may have even infiltrated it.

The threat actors are aiming to extract as much data or financial means as possible, leveraging Microsoft infrastructure to do so.

Whoever is responsible, whether it's the state or another nefarious group, they have no shame in using Russia's allies to commit these crimes.

The exploitation of Indian infrastructure is a strong example. The data also proves these attackers have strong ties with China."

Paul Vixie, Co-Founder of SIE Europe, added:

"The data that Heimdal has uncovered is explosively evil, and SIE Europe data clearly shows how well built these Russian Wasp nests are and they show no signs of stopping.

SIE Europe does not ever traffic in Personally Identifiable Information, and this case shows the investigative power of public information once cooperatively assembled."

Read the full investigation here: Russia-Linked Brute-Force Campaign Targets EU via Microsoft Infrastructure (heimdalsecurity.com).

For further press information:
Maria Madalina Popovici
Media Relations Manager
Email: mpo@heimdalsecurity.com

About Heimdal

Established in Copenhagen in 2014, Heimdal empowers CISOs, security teams, and IT administrators to improve their security operations, reduce alert fatigue, and implement proactive measures through a unified command and control platform.

Heimdal®'s award-winning cybersecurity solutions span the entire IT estate, addressing challenges from endpoint to network levels, including vulnerability management, privileged access, Zero Trust implementation, and ransomware prevention.

About SIE Europe

SIE Europe enables European-based organizations to contribute and share passive DNS data to advance cyber investigations and significantly reduce risk from phishing, ransomware, e-crime and other cyberattacks.

SIE Europe is cofounded by Internet luminaries Dr. Paul Vixie, Chairman, Co-Founder and CEO of Farsight Security, Inc., Christoph Fischer, Founder and CEO of BFK edv-consulting GmbH and Peter Kruse, Cofounder , CSIS Security Group A/S.

This information was brought to you by Cision http://news.cision.com

The following files are available for download:

https://mb.cision.com/Main/22623/4018330/2925877.pdf

Heimdal Links Russia-Based Threat Actors to Brute Force Attacks on the EU

https://mb.cision.com/Public/22623/4018330/87d4180148270100_org.jpg

Image - Heimdal ties Russia-based actors to brute force attacks on the EU

https://mb.cision.com/Public/22623/4018330/8df29c971c3a7080_org.jpg

Map - the primary origin of the attack

Cision View original content:https://www.prnewswire.co.uk/news-releases/heimdal-security-presents-its-latest-report-on-brute-force-cyber-attacks-302206435.html

© 2024 PR Newswire
Treibt Nvidias KI-Boom den Uranpreis?
In einer Welt, in der künstliche Intelligenz zunehmend zum Treiber technologischer Fortschritte wird, rückt auch der Energiebedarf, der für den Betrieb und die Weiterentwicklung von KI-Systemen erforderlich ist, in den Fokus.

Nvidia, ein Vorreiter auf dem Gebiet der KI, steht im Zentrum dieser Entwicklung. Mit steigender Nachfrage nach leistungsfähigeren KI-Anwendungen steigt auch der Bedarf an Energie. Uran, als Schlüsselkomponente für die Energiegewinnung in Kernkraftwerken, könnte dadurch einen neuen Stellenwert erhalten.

Dieser kostenlose Report beleuchtet, wie der KI-Boom potenziell den Uranmarkt beeinflusst und stellt drei aussichtsreiche Unternehmen vor, die von diesen Entwicklungen profitieren könnten und echtes Rallyepotenzial besitzen

Handeln Sie Jetzt!

Fordern Sie jetzt den brandneuen Spezialreport an und profitieren Sie von der steigenden Nachfrage, der den Uranpreis auf neue Höchststände treiben könnte.
Werbehinweise: Die Billigung des Basisprospekts durch die BaFin ist nicht als ihre Befürwortung der angebotenen Wertpapiere zu verstehen. Wir empfehlen Interessenten und potenziellen Anlegern den Basisprospekt und die Endgültigen Bedingungen zu lesen, bevor sie eine Anlageentscheidung treffen, um sich möglichst umfassend zu informieren, insbesondere über die potenziellen Risiken und Chancen des Wertpapiers. Sie sind im Begriff, ein Produkt zu erwerben, das nicht einfach ist und schwer zu verstehen sein kann.