If your IT and security teams think malware is bad, wait until they learn about everything else.
In 2024, the modern cyberattack is a segmented, prolonged, and professional effort, in which specialists create strictly financial alliances to plant malware on unsuspecting employees, steal corporate credentials, slip into business networks, and, for a period of days if not weeks, simply sit and watch and test and prod, escalating their privileges while refraining from installing any noisy hacking tools that could be flagged by detection-based antivirus scans.
In fact, some attacks have gone so "quiet" that they involve no malware at all. Last year, some ransomware gangs refrained from deploying ransomware in their own attacks, opting to steal sensitive data and then threaten to publish it online if their victims refused to pay up—a method of extracting a ransom that is entirely without ransomware.
Understandably, security teams are outflanked. Defending against sophisticated, multifaceted attacks takes resources, technologies, and human expertise. But not every organization has that at hand.
What, then, are IT-constrained businesses to do?
Today, on the Lock and Code podcast with host David Ruiz, we speak with Jason Haddix, the former Chief Information Security Officer at the videogame developer Ubisoft, about how he and his colleagues from other companies faced off against modern adversaries who, during a prolonged crime spree, plundered employee credentials from the dark web, subverted corporate 2FA protections, and leaned heavily on internal web access to steal sensitive documentation.
Haddix, who launched his own cybersecurity training and consulting firm Arcanum Information Security this year, said he learned so much during his time at Ubisoft that he and his peers in the industry coined a new, humorous term for attacks that abuse internet-connected platforms: "A browser and a dream."
"When you first hear that, you're like, 'Okay, what could a browser give you inside of an organization?'"But Haddix made it clear:
"On the internal LAN, you have knowledge bases like SharePoint, Confluence, MediaWiki. You have dev and project management sites like Trello, local Jira, local Redmine. You have source code managers, which are managed via websites—Git, GitHub, GitLab, Bitbucket, Subversion. You have repo management, build servers, dev platforms, configuration, management platforms, operations, front ends. These are all websites."
Tune in today.
You can also find us on Apple Podcasts, Spotify, and Google Podcasts, plus whatever preferred podcast platform you use.
For all our cybersecurity coverage, visit Malwarebytes Labs at malwarebytes.com/blog.
Show notes and credits:
Intro Music: “Spellbound” by Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 4.0 License
http://creativecommons.org/licenses/by/4.0/
Outro Music: “Good God” by Wowa (unminus.com)
LLM Prompt Injection Game: https://gandalf.lakera.ai/
Overwhelmed by modern cyberthreats? ThreatDown can help.
The 2024 ThreatDown State of Malware report is a comprehensive analysis of six pressing cyberthreats this year—including Big Game ransomware, Living Off The Land (LOTL) attacks, and malvertising—with strategies on how IT and security teams can protect against them.
Read the report here.
Picking fights and gaining rights, with Justin Brookman
Porn panic imperils privacy online, with Alec Muffett (re-air)
Securing your home network is long, tiresome, and entirely worth it, with Carey Parker
Going viral shouldn't lead to bomb threats, with Leigh Honeywell
How to make a fake ID online, with Joseph Cox
Bruce Schneier predicts a future of AI-powered mass spying
A true tale of virtual kidnapping
DNA data deserves better, with Suzanne Bernstein
Meet the entirely legal, iPhone-crashing device: the Flipper Zero
Why a ransomware gang tattled on its victim, with Allan Liska
Defeating Little Brother requires a new outlook on privacy
MGM attack is too late a wake-up call for businesses, says James Fair
AI sneak attacks, location spying, and definitely not malware, or, what one teenager fears online
What does a car need to know about your sex life?
Re-air: What teenagers face growing up online
"An influx of Elons," a hospital visit, and magic men: Becky Holmes shares more romance scams
A new type of "freedom," or, tracking children with AirTags, with Heather Kelly
How Apple fixed what Microsoft hasn't, with Thomas Reed
Spy vs. spy: Exploring the LetMeSpy hack, with maia arson crimew
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
Black Wolf Feed (Chapo Premium Feed Bootleg)
Bannon`s War Room