Core Insights
- HP Inc. released its quarterly HP Wolf Security Threat Insights Report, highlighting the evolving tactics of cybercriminals, including the use of open redirects, overdue invoice lures, and Living-off-the-Land techniques to bypass security measures [1][2].

Cyberattack Techniques
- Attackers are exploiting open redirect vulnerabilities to mislead users into visiting malicious sites, making detection difficult [1].
- The Windows Background Intelligent Transfer Service (BITS) is being abused by attackers to download malicious files while remaining undetected [1].
- Cybercriminals are using fake invoices to execute HTML smuggling attacks, deploying malware like AsyncRAT with minimal effort [1].

Threat Detection and Evasion
- At least 12% of email threats managed to bypass one or more email gateway scanners, indicating vulnerabilities in existing security measures [3].
- The primary threat vectors identified in Q1 included email attachments (53%), browser downloads (25%), and removable storage (22%) [3].
- A significant 65% of document threats relied on exploits to execute code rather than macros, showcasing a shift in attack strategies [3].

Security Recommendations
- The reliance on detection alone is flawed, as attackers utilize legitimate tools, making it challenging to identify threats without generating false positives [3].
- A defense-in-depth approach is recommended, isolating and containing high-risk activities to minimize the attack surface [3].

HP Wolf Security Overview
- HP Wolf Security employs hardware-enforced disposable virtual machines to run risky tasks, protecting users without hindering productivity [3].
- The technology captures detailed traces of attempted infections, providing insights into intrusion techniques and threat actor behavior [3].

HP Catches Cybercriminals ‘Cat-Phishing’ Users