How an Adversary Using Public Hosting Exploits Emerging Threats

December 28, 2022

If you’re a business owner or decision-maker looking to improve your cybersecurity posture, there are several ways to make a lasting impact. One of those methods is an effective adversary focused approach. It requires a collaborative approach from your organization’s security team, as well as other agencies such as the National Security Agency (NSA), the FBI, and others. While these agencies are important for your overall cyber defense, it’s not enough to just rely on them. Read on to learn more about how an adversary using public hosting exploits emerging threats.

80% of successful attacks originate with external threat agents

One of the simplest and most effective ways to defend your enterprise is to understand and appreciate the difference between inside and outside threats. It might seem like a no-brainer, but if your company is reliant on the Internet for communication, you need to be aware of the dangers.

Internal threats are those that originate from within your walls. These could include employees, contractors, or even the likes of hackers. Typically, insiders have a more personal connection to the data residing on your network. It is also more likely that you will find an employee who is inexperienced with the latest security and network technology.

Targeted attack campaigns in the Philippines and Taiwan

The Chinese government isn’t one to sit back and let the rest of the world do the heavy lifting. Last year, the country made good on its promise to launch a thousand air strikes against Taiwan. To help sway the locals’ opinions, the PRC has rolled out a bevy of information and social media campaigns. Having the requisite data points to draw upon means that the government can make use of some clever tricks.

The flurry of political spying is not limited to the mainland either. The Chinese government has also rolled out several disinformation campaigns. They are staking claim to a slew of so-called ‘fake news’ websites. These sites often employ social engineering techniques to trick users into clicking on malicious links.


During the second quarter of 2014, several global malware families exploited emerging threats. These new malware families enabled spam campaigns, ransomware scams, and remote control of infected PCs. These attack vectors reveal how attackers are abusing existing public-facing technologies.

QSnatch is one of the most prevalent IoT malware families. It targets QNAP NAS devices, preventing firmware updates and altering scheduled tasks. It also uses SSH backdoors to communicate with the command-and-control servers. It also installs additional malware.

The Slammer worm exploits a buffer overflow bug in Microsoft’s SQL Server and spreads rapidly, causing a denial-of-service condition on some targets. The worm has been a top ten malware family in recent months. This is how an adversary using public hosting exploits emerging threats.


RetroHunting is a technique used to identify assets at risk, but it is not limited to malware. In fact, the ability to detect and monitor anomalous activity can be an important part of a security team’s arsenal. It can also be useful for identifying attackers before they become public fodder. A tool called RetroHunt can help users find malicious activity in their network or database. In fact, the feature is built into InQuest signatures. This makes it a viable solution for organizations that already use InQuest.

InQuest analysts can use this feature to build a robust threat profile by correlating artifacts discovered by the platform with data gathered from other sources. The most important thing to keep in mind is that this feature is only as good as its data. In other words, it is not a substitute for real-time monitoring and response. To take advantage of the feature, it is advisable to set up an InQuest instance. Moreover, a single user can run up to 10 RetroHunt jobs at a time. The maximum rule size is also restricted to a meager 1MB.

Effective adversary focused approach to cyber requires coordination across all agencies

Whether your organization is small, mid-sized, or large, an effective adversary focused approach to cyber requires coordination across all agencies. Government bureaucracies must transform to remove duplicative efforts and move toward real-time collaboration. These innovations can help overcome barriers to an effective cyberthreat response.

Defending against massive cyber attacks requires a coordinated approach. A critical component of this coordination is the alignment of national power. This requires a new set of innovations in government organization and technology. Developing an effective adversary focused strategy also requires that defenders understand the capabilities and vulnerabilities of the adversary, and calibrate their offense and offense standards.

Ammar Fakhruddin


Ammar brings in 18 years of experience in strategic solutions and product development in Public Sector, Oil & Gas and Healthcare organizations. He loves solving complex real-world business and data problems by bringing in leading-edge solutions that are cost-effective and improve customer and employee experience. At Propelex he focuses on helping businesses achieve digital excellence using Smart Data & Cybersecurity solutions.
