10 Major Cyber Security Trends In 2024 that everyone must prepare for
By the end of the coming year, the cost of cyber attacks on the global economy is predicted to top $10.5 trillion in a recent Forbes article.
This staggering amount reflects the growing need for cyber security to be treated as a strategic priority on an individual, organizational and governmental level.
As in every other field of business and technological endeavor, artificial intelligence (AI) will have a transformative impact on both attack and defense. Its impact will be felt across every one of the trends covered here.
Recent years have brought an acceleration in the pace of technological advancement in many fields, and cyber threats are no different. As they say, forewarned is forearmed – so read on to find out what my predictions are for the cyber security trends everybody should be on high alert for as we head into 2024.
New botnet malware exploits two zero-days to infect NVRs and routers
A new Mirai-based malware botnet named ‘InfectedSlurs’ has been exploiting two zero-day remote code execution (RCE) vulnerabilities to infect routers and video recorder (NVR) devices according to a recent Bleeping Computer article.
The malware hijacks the devices to make them part of its DDoS (distributed denial of service) swarm, presumably rented for profit. The discovery of ‘InfectedSlurs’ comes from Akamai, who first spotted it on its honeypots in late October 2023. However, the botnet’s initial activity dates back to late 2022.
The cybersecurity company reports that the impacted vendors haven’t patched the two exploited flaws yet; hence, details about them have been reserved for now.
New malware campaign uses MSIX packages to infect Windows PCs
According to CSOnline a new cyberattack campaign has been found to be using MSIX — a Windows application packaging format — to infect Windows PCs and evade detection by dropping a stealthy malware loader into its victim’s PC.
Developers commonly use MSIX to package, distribute, and install their applications to Windows users, and is now being used for initial infection to deliver the malware loader, dubbed Ghostpulse, researchers at Elastic Security Labs have discovered. “In a common attack scenario, we suspect the users are directed to download malicious MSIX packages through compromised websites, search engine optimization (SEO) techniques, or malvertising,” the researchers said in a blog post. “The masquerading themes we’ve observed include installers for Chrome, Brave, Edge, Grammarly, and WebEx to highlight a few.”
New Malware threat targeting Android users
Android smartphone and tablet users are facing a new and concerning threat in the form of malware in an article by GizChina that does Chinese gadget reviews.
This malicious software has infiltrated various general utility applications and games that were recently available on the Google Play Store. While these apps may seem legitimate at first glance, they hide a malicious secret that could compromise your device. Once opened, the concealed malware takes control of your device. What’s even more alarming is that these apps have already been downloaded more than half a million times!