SecurityWeek reports that cybersecurity threats were noted by Red Canary to have gained steam across various fronts during the past year.
Most severe of last year's cybersecurity threats was the Charcoal Stork malvertising campaign delivering the SmashJacker and ChromeLoader browser hijackers, which has impacted nearly 15% of Red Canary customers. Other leading threats included Impacket, Mimikatz, SocGholish, QBot, and Raspberry Robin, which have been leveraged in ransomware attacks, according to Red Canary researchers. The findings also showed a significant increase in cloud account attacks throughout 2023, which was accompanied by a spike in email forwarding rule exploitation. More information-stealing malware strains have also been targeting Mac devices while human error has been cited as a persisting weakness against social engineering campaigns. "Organizations must harden identities with extensive security controls and have a comprehensive identity risk management plan that takes into account identity providers, IT support staff, and even mobile service carriers," said researchers.