New research published by SophosLabs reveals that even while attackers continue to design custom-tailored lures to exploit users, the inconvenient truth is that the most popular vulnerabilities are issues that have been patched years ago.
Instead of just sending random emails, SophosLabs has found an increasing use of what it refers to as “Designer” cyber-threats.”The details are correct [language, grammar, etc.], leading to far higher victim yields,” Chester Wisniewski, senior security adviser at Sophos, told eWEEK. “Some have gone as far as to combine information from data breaches like victims’ home addresses.
“Going a step further, SophosLabs is seeing increased use of targeted attacks that are specifically localized for the victims. That is, attackers are using specific types of malware depending on where victims are located. The idea of a targeted attack—spear phishing emails, in particular—is not a new one, though it has apparently undergone an evolution in recent months.