TRENDS, THREATS & TACTICS FOR CYBER CERTAINTY™
BY DANIEL TOBOK
DECEMBER 2024
NEW ALL-TIME RECORD LEVELS OF CYBER THREAT AND CONCERN: Global Trends & Threat Levels at an All-Time High
GOOGLE MANDATES: Multi-Factor Authentication Required for All Users by 2025
Google has announced that by 2025, all users of its Cloud Platform will be required to enable multi-factor authentication (MFA). This move aims to enhance security across its services, ensuring that user accounts are better protected against unauthorized access.
Source: All Google Cloud users will have to enable MFA by 2025 – Help Net Security
My thoughts
- Google’s decision to enforce MFA across its platform is a significant step toward bolstering user security. As cyber threats become increasingly sophisticated, implementing additional layers of authentication is essential to safeguard sensitive information.
What can we do?
- Organizations should proactively adopt MFA across all critical systems, not just in response to mandates. Regularly review and update authentication protocols to align with best practices and emerging threats. Educate employees about the importance of MFA and how to use it effectively.
GOZONE RANSOMWARE THREATENS: Victims Warned of Devastating Public Exposure
The GoZone ransomware group has escalated its tactics by not only encrypting victims’ data but also threatening to publicly expose sensitive information if ransom demands are not met. This double-extortion method increases pressure on organizations to comply with attackers’ demands.
Source: GoZone ransomware accuses and threatens victims – Help Net Security
My thoughts
- The evolution of ransomware tactics to include public exposure of data underscores the critical need for comprehensive cybersecurity strategies. Organizations must prepare for both data encryption and the potential fallout from data breaches, which can damage reputation and erode customer trust.
What can we do?
- Implement robust data encryption and regular backups to mitigate the impact of ransomware attacks. Develop and test incident response plans that address both data recovery and communication strategies for potential data exposure. Engage in continuous monitoring to detect and respond to threats promptly.
PHISHING ATTACK ESCALATES: Backdoored Linux Virtual Machines Unleash Unprecedented Security Nightmare
Cybercriminals are employing sophisticated phishing campaigns that deliver backdoored Linux virtual machines (VMs) to unsuspecting users. These malicious VMs provide attackers with persistent access to compromised systems, posing significant security risks.
Source: Beware of phishing emails delivering backdoored Linux VMs! – Help Net Security
My thoughts
- The use of backdoored VMs in phishing attacks represents a concerning advancement in cyber tactics. This method allows attackers to maintain long-term access to systems, making detection and remediation more challenging.
What can we do?
- Educate employees about the dangers of downloading and executing unsolicited VMs or software. Implement strict policies for verifying the authenticity of virtual machines and other software before deployment. Utilize advanced threat detection tools to identify and isolate compromised VMs promptly.