Evolving Evasion Techniques Stealthily Make Their Way Into Current Attack Trends

Evasion techniques employed by cybercriminals have become an Achilles’ heel for organizations. With the frequent barrage of vulnerability disclosures and occasional zero-day threats, attackers are leaving no stone unturned to sneak past security checks and cause maximum destruction.

Trending threats


Over the first half of 2020, Cisco, in association with MITRE ATT&CK, found that fileless threats and legitimate tools were used for the purpose of defense evasion in 57% of all IoC alerts.
Adding to the trouble, the KryptoCibule, LodaRAT, and QBot malware families were revamped to include a variety of obfuscation techniques.

Emotet operators made the most of it


Since its reappearance in July, the Emotet trojan leveraged different themes and, in one case, legitimate email threads as part of its evasive strategy.
Moreover, the Emotet loader was enhanced to bypass security products by manipulating artificial intelligence. To do this, the operators used legitimate Microsoft code as benign code so that the loader would not raise a red flag on infected systems.

Other evasion techniques observed recently


Over the past few months, several threat actors were quite picky about their evasion techniques. Some of the recently observed techniques were:


Spammers shipping malicious PowerPoint attachments through short URLs that contained random texts. 
A spam group using hexadecimal IP addresses, since mid-July, to evade detection by email fil ..
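
For the hexadecimal IP address item above, a mail filter can normalize numeric URL hosts to dotted-decimal before matching them against blocklists. The following is an added example, not code from the original article; it goes beyond the hexadecimal case to the octal and single-integer IPv4 forms as well, and the function names and the sample message (documentation-range addresses) are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

# Constructed sample message body (documentation-range addresses, not real IoCs).
SAMPLE = (
    "Slides: http://0xC000020A/doc.ppt\n"
    "Mirror: http://0xC6.0x33.0x64.0x07/a\n"
    "Plain: http://203.0.113.5/ok and https://example.com/x\n"
)

def _parse_part(part):
    """Parse one numeric host component: 0x.. hex, 0.. octal, else decimal."""
    p = part.lower()
    for pattern, base in ((r"0x[0-9a-f]+", 16), (r"0[0-7]+", 8), (r"0|[1-9][0-9]*", 10)):
        if re.fullmatch(pattern, p):
            return int(p, base)
    return None

def normalize_ip_host(host):
    """Return the dotted-decimal form if host is a numeric IPv4 literal, else None."""
    parts = host.split(".")
    values = [_parse_part(p) for p in parts]
    if not 1 <= len(parts) <= 4 or any(v is None for v in values):
        return None
    # Leading parts are one byte each; the last part fills the remaining bytes.
    tail_bytes = 5 - len(parts)
    if any(v > 0xFF for v in values[:-1]) or values[-1] >= 1 << (8 * tail_bytes):
        return None
    addr = 0
    for v in values[:-1]:
        addr = (addr << 8) | v
    addr = (addr << (8 * tail_bytes)) | values[-1]
    return ".".join(str((addr >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def find_obfuscated_ip_urls(text):
    """List (url, dotted_quad) for URLs whose host is a non-canonical IPv4 literal."""
    hits = []
    for url in URL_RE.findall(text):
        host = urlsplit(url).hostname or ""
        quad = normalize_ip_host(host)
        if quad is not None and host != quad:
            hits.append((url, quad))
    return hits

if __name__ == "__main__":
    for url, quad in find_obfuscated_ip_urls(SAMPLE):
        print(f"{url} -> {quad}")
```

A URL whose host only resolves to an IP address after normalization is a useful signal on its own, since legitimate mail rarely links to hosts written this way.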