Threat Analyst Lead Yaz Johnston dives into our latest security insights, where you can learn about upcoming HTML sanitization for your favorite web browsers, what top 10 malware threats we’ve seen in the past quarter, and how ransomware continues to steal the security spotlight.
HTML Sanitization
Google, Mozilla, and security firm Cure53 announced they are in the process of developing an API that sanitizes HTML input strings and prevents cross-site scripting (XSS) attacks, without the need for third-party libraries. The API will be integrated into future versions of Mozilla Firefox and Google Chrome browsers.
Security researcher Michal Bentkowski said that he hopes the adoption of sanitizer will reduce the amount of “cross-site scripting issues in applications that deal with editors . . . processing because these seem to be the main beneficiaries of the new standard” after testing the API.
Ransomware Is Still Stealing the Spotlight
It should come as no surprise that ransomware continues to run rampant. This form of malware is quickly becoming as common as trojans, with more ransomware gangs turning to extortion when taking data hostage doesn’t work in their favor.
Here’s a quick rundown of high-profile ransomware activity we’ve seen during the past quarter:
- FBI director Christopher Wray went on record stating that the federal government is currently investigating 100 different ransomware variants, with each having “dozens, if not hundreds of victims.”
- JBS, the world’s largest meat supplier, recently confirmed that the company paid the equivalent of $11 million in ransom to hackers that targeted and temporarily crippled its business.
- Colonial Pipeline Co., owner of the largest petroleum pipeline in the U.S, paid roughly $4.4 million in cryptocurrency following a ransomware attack in early May. This breach was reportedly due to a single leaked password. Surprisingly, the FBI was able to “hack-back” the hackers and gain access through a virtual address during a transfer of nearly 64 bitcoins (roughly $2 million) providing them with the opportunity to get a warrant for DarkSide, the hacker group behind the attack.
The Top 10 Malware Used This Past Quarter (as seen by multiple vendors):
1. FormBook | 6. TrickBot |
2. AgentTesla | 7. Nanocore |
3. LokiBot | 8. Remcos |
4. Ursnif | 9. AZOR |
5. Quakbot | 10. njRat |
Cybereason Stats from New Report, ‘Ransomware: The True Cost of Business’
According to a report from Cybereason, 66% of victim organizations have accounted for “significant revenue loss” due to ransomware attacks, with 53% reporting their brand suffered following an attack.
Many businesses ultimately shut down their organization with nearly one in three losing top leadership either by dismissal or resignation, and 29% were forced to eliminate jobs.
Cybersecurity researchers at Cybereason also found 80% of organizations that had previously paid ransom suffered a second attack.