Flashpoint has published itsย Julyย Cyber Threat Intelligence Indexย which shows Australia was in the top 10 countries for ransomware attacks last month.
Ransomware
ย ย 
Flashpointโs latestย ransomwareย infographic paints a sobering picture of the evolving threat landscape, with cybercriminals employing increasingly sophisticated tactics. In July, Flashpoint recorded a total of 515ย ransomware attacks.
Clopย was the most prolific ransomware group, being responsible for nearly 33 per cent of Julyโs recorded ransomware attacks. The United States experienced the most ransomware events, accounting for 48 per cent of all Julyโs recorded ransomware attacks, while Australia ranked eighth. Internet Software and Services continues to be the most targeted industry, followed by Construction & Engineering, and Professional Services.
โWe’re consistently still seeing Australia among the most targeted countries in the world for ransomware attacks,โ said Ben Gestier, Senior Intelligence Analyst and Team Lead APAC/EMEA, Flashpoint. โSafeguarding company assets from ransomwares is crucial for Australian businesses, who should all implement or constantly update their own threat readiness and response plans in order to prevent loss, service disruptions, and lasting damage.โ
Vulnerability Intelligence
1,994 new vulnerabilities were reported in July, with 312 of them being missed by the Common Vulnerabilities and Exposures (CVE) and National Vulnerability Database (NVD).
36 per cent of Julyโs disclosed vulnerabilities are rated high-to-critical in severity. If exploited, these issues could pose a significant security risk. Over 56 per cent of last monthโs vulnerabilities are remotely exploitable. This means that if leveraged, threat actors can execute malicious code no matter where the device is located.
Vulnerability Managementย teams can potentially lessen workloads by 90 per cent by focusing on actionable, high severity vulnerabilities. This classification is given to vulnerabilities that are remotely exploitable, that have a public exploit, and a viable solution.
Data Breaches
Studying breach events can help CISOs and security teams better understand the goals and motivations of threat actors. In July, Flashpoint recorded 529 data breach events and threat actors stole a total of 481.2 million records.
Organisations in the United States accounted for more than 64 per cent of Julyโs recorded data breaches. Unauthorised access, or hacking was the leading cause of data breaches in July, being responsible for over half of recorded data breach events.
Malware
Flashpoint has looked at the latest malware trends: which types of malware threat actors favour, how they get access into a victimโs systems, and what cybercriminals do once they gain a foothold.
Trojans were the most widely used malware type in Julyโs recorded cyberattacks. In particular, theย cobaltstrikeย malware family accounted for 33.22 per cent of Julyโs top five indicators of compromise. The most favouredย MITRE ATT&CKย tactic was Command and Control.
Insider Threat
The tactic ofย recruiting insidersย has become immensely popular amongst threat actors aiming to breach systems and/or commit ransomware attacks.
In July, Flashpoint analysts collected 7,055 posts advertising insider services โ both from threat actors seeking insiders and malicious employees offering their services. Of those, 1,121 were unique posts from individuals in illicit and underground communities.
The Telecom, Financial, and Retail industries were the most targeted sectors for insider threats in July. The majority of insider threat related postings originated from insiders advertising their services to outside threat actors. Most of this activity came from the Telecom sector.
