Blog

Target: Consumers

Tags:  Vulnerabilities, Ransomware, MFA, CVE-2023-0669

A new report by BleepingComputer concludes that March 2023 “was the most prolific month recorded by cybersecurity analysts in recent years, measuring 459 attacks, an increase of 91% from the previous month and 62% compared to March 2022”.

The reason was a new vulnerability CVE-2023-0669 that Clop ransomware gang exploited as a zero-day to steal data from 130 companies within ten days as reported by NCC group.

For the first time, Clop Ransomware has outpaced LockBit 3.0, recording more known hits and establishing itself as the busiest ransomware gang. With LockBit 3.0 documenting 97 attacks, it has been relegated to second place. This significant rise of Clop marks its debut at the top of this list, while LockBit 3.0 finds itself in the runner-up position.

The “Industrials” sector faced the highest number of ransomware attacks in March 2023, enduring 147 incidents. This represented 32% of all the attacks that month. This broad sector includes areas like professional and commercial services, machinery and tools, construction and engineering, aerospace & defense, as well as logistics and transport services.

Close behind was the “Consumer Cyclicals” sector, which includes industries like construction supplies, specialty retailers, hotels, automobiles, media & publishing, and household goods.

Other sectors that were significantly targeted by ransomware attackers included “Technology,” “Healthcare,” “Basic Materials,” “Financials,” and “Educational Services.”

What can we do – Application Isolation

While modern organizations are armed with advanced detection systems, the threat of zero-days and elusive malware remains a significant concern, affecting organizations worldwide. At BUFFERZONE®, we passionately believe in the power of simplicity and clarity in deploying effective security controls to protect an organization.

While it is possible to limit user access to activities such as browsing, file downloads, and opening attachments – all major potential attack vectors – this approach would drastically hinder the user experience at work. Thus, our security strategy takes a markedly different direction.

BUFFERZONE® Safe Workspace^® is a comprehensive suite of preventive tools rooted in application isolation technology. It comprises Safe Browsing, SafeBridge® (featuring Content Disarm and Reconstruction capabilities), and Safe Removable (for USB attack prevention), all fortified with clipboard security. A kernel driver forms the Safe Workspace™ virtual container, which virtually bifurcates the operating system into two logical areas.

The first area, known as the trusted zone, is linked to all an organization’s networks and the operating system’s files. The second area, deemed the untrusted zone, serves as a buffer where various applications can operate securely, isolated from the trusted zone’s memory, files, registry, and processes.

This innovative approach provides several benefits, including minimal CPU and memory usage, a high-quality user experience, and the ability to work seamlessly within the virtual container, oblivious to the protective shield against browsing and USB threats.

BUFFERZONE® stands alone as the only virtual containment solution operating based on six patented technologies. Utilizing Safe Workspace^® safeguards you from phishing attacks, malicious downloaded files, and potentially dangerous email attachments and links (via an outlook extension). In our view, security should be straightforward and user-friendly.

Try us now!