Insights

Microsoft has disclosed yet another critical vulnerability not long since PrintNightmare was disclosed. This privilege elevation vulnerability lies in the overly permissive Access Control Lists (ACLs) on the important and sensitive Security Accounts Manager (SAM) database, SYSTEM and SECURITY registry hives. This means that an attacker with a standard non-administrative account can in theory achieve local privilege escalation, masquerade as other users and/or achieve the following:

TrickBot is a banking trojan that was first detected in September 2016 and since that time had been developed to incorporate the targeting of multiple geographies and online services. The malware was developed to gain unauthorized access to customer bank accounts to facilitate fraudulent transactions, but also targeted users of online services such as Salesforce and cryptocurrency services. The malware was reportedly delivered via spam emails containing malicious attachments, including those distributed by the Necurs botnet, and via the RIG exploit kit. In some cases, TrickBot used an exploit called EternalBlue (affects CVE-2017-0144) or Windows API calls to propagate in a local network. The functions and activities of TrickBot are reportedly very similar to the Dyre banking trojan, and it was assessed by researchers to be linked to this trojan, including that at least one of the developers of Dyre was involved in the development of TrickBot.

Security breaches are part and parcel of running a modern organisation. Research completed by the Clark School at the University of Maryland showed that hackers attack every 39 seconds. With organisations exposed to such a high volume of threats, Incident Response has become just as important, if not more important than threat prevention. 

In 2020, the average cost of a single data breach rose in all industries worldwide to nearly 4 million USD. These breaches were especially costly in the healthcare sector, where costs soared to an average of 7.13 million USD, with energy and financial industries following closely behind at $6 million. 

With cyber criminals developing more sophisticated online and offline threats, security breaches are a matter of if, not when. In fact, 65% of security professionals believe they will be dealing with a major breach within the next 12 months, and with the average cost of a data breach totaling over $3.86 million, the stakes couldn't be higher.