• CERTIFICATE
    • Eminent CIOs of India
    • Most Trusted Companies
    • Most Admired Brands
    • The most influential CMOs
  • SYNDICATION
    • AMD
    • DELL TECHNOLOGIES
    • HITACHI
    • LOGMEIN
    • MICROSOFT
    • RIVERBED
    • STORAGECRAFT
    • THALES
  • EVENTS
  • GO DIGITAL
  • INFOGRAPHICS
  • PRESS
    • Press Release PR News Wire
    • Press Release Business Wire
    • GlobeNewsWire
  • SPECIAL
    • WHITE PAPER
    • TECHNOMANIA
    • SME
    • SMART CITY
    • SERVICES
    • EDITOR SPEAK
    • CSR INITIATIVES
    • CHANNEL GURU
    • CHANNEL CHIEF
    • CASE STUDY
  • TECHTREND
    • VAR PANCHAYAT
    • TELECOM
    • SOFTWARE
    • POWER
    • PERIPHERALS
    • NETWORKING
    • LTE
    • CHANNEL BUZZ
    • ASK AN EXPERT
  • SUBSCRIBE
  • Apps
  • Game
  • KDS
  • Security
  • Telecom
  • WFH
  • Subscriber to Newsletter
  • August Issue
  • Blogs
  • Vlogs
  • Faceoff
SNA

HOME
NEWS

Trellix Finds LockBit Ransomware Gang Most Apt to Leak Stolen Data

Trellix Finds LockBit Ransomware Gang Most Apt to Leak Stolen Data

Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today released The Threat Report: February 2023 from its Advanced Research Center, examining cybersecurity trends from the final quarter of 2022. Trellix combines telemetry collected from its extensive network of endpoint protection installs and its complete XDR product line with data gathered from open and closed source intelligence reports to deliver report insights.

 

“Q4 saw malicious actors push the limits of attack vectors,” said John Fokker, Head of Threat Intelligence, Trellix Advanced Research Center. “Grey zone conflict and hacktivism have both led to an increase in cyber as statecraft as well as a rise in activity on threat actor leak sites. As the economic climate changes, organizations need to make the most effective security out of scarce resources.”

 

The report includes evidence of malicious activity linked to ransomware and nation-state backed advanced persistent threat (APT) actors, and examines threats to email, the malicious use of legitimate security tools, and more. Key findings include:

 

LockBit 3.0 Most Aggressive with Ransom Demands: While no longer the most active ransomware group according to Trellix telemetry – Cuba and Hive ransomware families generated more detections in Q4 – the LockBit cybercriminal organization’s leak site reported the most victims. This data makes LockBit the most aggressive in pressuring their victims to comply with ransom demands. These cybercriminals use a variety of techniques to execute their campaigns, including exploiting vulnerabilities found as far back as 2018.

 

Nation-State Activity Led by China: APT actors linked to China, including Mustang Panda and UNC4191, were the most active in the quarter, generating a combined 71% of detected nation-state backed activity. Actors tied to North Korea, Russia, and Iran followed. The same four countries ranked the most active APT actors in public reports.

 

Critical Infrastructure Sectors Most Targeted: Sectors across critical infrastructure were most impacted by cyberthreats. Trellix observed 69% of detected malicious activity linked to nation-state backed APT actors targeting transportation and shipping, followed by energy, oil, and gas. According to Trellix telemetry, finance and healthcare were among the top sectors targeted by ransomware actors, and telecom, government, and finance among the top sectors targeted via malicious email.

 

Fake CEO Emails Led to Business Email Compromise: Trellix determined 78% of business email compromise (BEC) involved fake CEO emails using common CEO phrases, resulting in a 64% increase from Q3 to Q4 2022. Tactics included asking employees to confirm their direct phone number to execute a voice-phishing – or vishing – scheme. 82% were sent using free email services, meaning threat actors need no special infrastructure to execute their campaigns.

 

The Threat Report: February 2023 includes proprietary data from Trellix’s sensor network, investigations into nation-state and cybercriminal activity by the Trellix Advanced Research Center, open and closed source intelligence, and threat actor leak sites. The report is based on telemetry related to detection of threats, when a file, URL, IP-address, suspicious email, network behavior or other indicator is detected and reported by the Trellix XDR platform.

See What’s Next in Tech With the Fast Forward Newsletter

SECURITY
View All
Trend Micro Ranks #1 in Attack Protection
Technology

Trend Micro Ranks #1 in Attack Protection

by VARINDIA 2023-09-28
Black Box Cybersecurity Wins 17 New Marquee US Customers
Technology

Black Box Cybersecurity Wins 17 New Marquee US Customers

by VARINDIA 2023-09-27
SEQRITE launches EPS Cloud v2.0
Technology

SEQRITE launches EPS Cloud v2.0

by VARINDIA 2023-09-27
SOFTWARE
View All
Kuehne+Nagel and Capgemini collaborate to deliver an end-to-end supply chain capability
Technology

Kuehne+Nagel and Capgemini collaborate to deliver an end-to-end supply chain capability

by VARINDIA 2023-09-27
Bain & Company teams up with Microsoft to help clients accelerate and scale AI adoption
Technology

Bain & Company teams up with Microsoft to help clients accelerate and scale AI adoption

by VARINDIA 2023-09-27
Newgen and Coforge to deliver transformative insurance lifecycle management solutions
Technology

Newgen and Coforge to deliver transformative insurance lifecycle management solutions

by VARINDIA 2023-09-25
START - UP
View All
Homegrown app Dunzo to raise $35 million from Reliance & Google
Technology

Homegrown app Dunzo to raise $35 million from Reliance & Google

by VARINDIA 2023-09-26
ideaForge and GalaxEye Join Forces to Build UAV FOPEN Radar Technology
Technology

ideaForge and GalaxEye Join Forces to Build UAV FOPEN Radar Technology

by VARINDIA 2023-09-26
Datacultr expands its reach to LATAM and Africa Regions
Technology

Datacultr expands its reach to LATAM and Africa Regions

by VARINDIA 2023-09-05

Tweets From @varindiamag

Nothing to see here - yet

When they Tweet, their Tweets will show up here.

CIO - SPEAK
Automation has the potential to greatly improve efficiency and production

Automation has the potential to greatly improve efficiency and production

by VARINDIA
Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

by VARINDIA
Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

by VARINDIA
Start-Up and Unicorn Ecosystem
Pocket FM Surpasses 100 Million Downloads on Google Play Store

Pocket FM Surpasses 100 Million Downloads on Google Play Store

by VARINDIA
OpenAI's ChatGPT now speaks in 5 different voices

OpenAI's ChatGPT now speaks in 5 different voices

by VARINDIA
VVDN Technologies and Axiado partner to reshape the server technology landscape

VVDN Technologies and Axiado partner to reshape the server technology landscape

by VARINDIA
Vertiv Provides Flexible Edge and Smart IT Power Backup in India

Vertiv Provides Flexible Edge and Smart IT Power Backup in India

by VARINDIA
Accenture Invests in Writer to Accelerate Enterprise Use of Generative AI

Accenture Invests in Writer to Accelerate Enterprise Use of Generative AI

by VARINDIA
VIAVI wins funding for three projects in DSIT ONE competition

VIAVI wins funding for three projects in DSIT ONE competition

by VARINDIA
Comviva partners with XoXoday to revolutionize loyalty experiences

Comviva partners with XoXoday to revolutionize loyalty experiences

by VARINDIA
ManageEngine Named a Challenger in the 2023 Gartner® Magic Quadrant™ for PAM

ManageEngine Named a Challenger in the 2023 Gartner® Magic Quadrant™ for PAM

by VARINDIA
Standard Chartered Bank teams up with Cummins Technologies to digitalise incentive payments to mechanics

Standard Chartered Bank teams up with Cummins Technologies to digitalise incentive payments to mechanics

by VARINDIA
Genesys and Salesforce announce AI-powered customer experience solution

Genesys and Salesforce announce AI-powered customer experience solution

by VARINDIA
×

Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.

  • Distributors & VADs
  • Industry Associations
  • Telco's in India
  • Indian Global Leaders
  • Edit Calendar
  • About Us
  • Advertise Us
  • Contact Us
  • Disclaimer
  • Privacy Statement
  • Sitemap

Copyright varindia.com @1999-2023 - All rights reserved.