New security threats appear every day that endanger our normal Internet browsing. Microsoft has recently carried out a review of the state of its security departments and which are the main threat actors for Windows that they monitor.
Taking these results reported by the technology giant into account, we can also see that it intends to change the way in which it will counterattack against viruses and ransomware .
Microsoft has more than 100 security threats on its radar
Microsoft today revealed that its security teams are tracking more than 100 threat actors deploying ransomware during attacks. In all, the company says it monitors more than 50 unique ransomware families that were in active use up to the end of last year.
Microsoft Security Intelligence@MsftSecIntelSome of the most prominent ransomware payloads in recent campaigns include Lockbit Black, BlackCat (aka ALPHV), Play, Vice Society, Black Basta, & Royal. Defense strategies, however, should focus less on payloads but more on the chain of activities that lead to their deployment.January 31, 2023 • 18:2913
2
“Some of the most prominent ransomware payloads in recent campaigns include Lockbit Black, BlackCat (also known as ALPHV), Play, Vice Society, Black Basta, and Royal. However, defense strategies need to focus less on the payloads and more on the chain of activities that lead to their deployment ,” Microsoft said, as ransomware families still target servers and devices that have not yet been patched. against common or recently fixed vulnerabilities.
Although new ransomware families are released all the time, most threat actors use the same tactics when carrying out their security breaches and spreading through networks, making the effort to detect such behavior even more difficult. useful to thwart their attacks, hence the search to focus more on the chain of activities that lead to its propagation.
According to those at Redmond, attackers are increasingly relying on tactics beyond phishing to carry out their attacks, with threat actors, such as DEV-0671 and DEV-0882, taking advantage of recently patched Exchange Server vulnerabilities to hack into vulnerable servers and implement Cuba and Play ransomware. Last week, the Exchange team urged administrators to deploy the latest supported Cumulative Update (CU) to protect on-premises Exchange servers and always have them ready to install an emergency security update to protect against attacks.
Best antivirus for Windows
To try to avoid or at least stop infection with one of these serious security threats, it is convenient to have a protection program that is up to the task. We recently told you about the latest AV-TEST results for Windows home antivirus and only 10 would give maximum protection after being exposed to more than 13,000 types of malware.
- Avast Free Antivirus
- Avast One Essential
- AVG Internet Security
- Avira Security for Windows
- Bitdefender Internet Security
- G DATA Total Security
- Kaspersky Internet Security
- McAfee Total Protection
- NortonLifeLock Norton 360
- Trend Micro Internet Security