Sophospublished by 2024 Active Threat ReportAccording to the information in , from the first half of 2024 until today, hackers, Using Microsoft system tools It achieved an attack rate of 51%. This is significantly higher than last year’s rate. a serious rise Security experts are very worried because of this.
What is LOLbin? Why Is It Targeted?
LOLbin is included by default in operating systems. and often used for system administration legal practices and scripts. PowerShell, cmd.exe ve net.exe Tools such as these can be given as examples. Cyber attackers are very successful in hiding their malicious activities by using these reliable tools for malicious purposes.
Especially Remote Desktop Protocol (RDP), was involved in 89% of this year’s attacks. According to Sophos, most of the most commonly used LOLbin tools are for system scanning and discovery purposes is used—which is proof that hackers made a detailed analysis before launching an attack.
How to Prevent LOLbin Attacks?
Sophos recommends a multi-layered security approach to protect against such attacks. Here are the recommended precautions:
PowerShell Limit access to frequently abused tools such as
Monitor and log usage of LOLbin tools.
EDR (Endpoint Detection and Response) Apply the solutions.
Close system tools you are not using.
If you have employees, ensure that they receive training on security and phishing.
Software updatesKeep your systems up to date by doing this regularly.
Russian Hacker Group RomCom Started Attacking Windows Users Using the “0-Click” Method
It was revealed that the Russian hacker group called RomCom took action with an attack method targeting Windows and Firefox users.
Gmail: We Can Only Help You for 7 Days in Case of Hacker Attack
Within the scope of Gmail’s new security policy, it was announced that they will only support users who were attacked by hackers for 7 days.
Source link: https://www.tamindir.com/haber/hackerlar-microsoft-araclarini-guvenlik-acigi-olarak-kullaniyor_91913/