Cybercriminals are using a new method to evade detection to make sure that traffic generated by their malicious campaigns is not being detected. The technique is based on SSL/TLS signature randomization and dubbed cipher stunting. The number of tampering instances detected by Akamai’s research team globally reached an astounding number of 1,355,334,179 billion instances at the end of February 2019. The key lesson here is that criminals will do whatever they can to avoid detection and keep their schemes going.
Source: https://www.bleepingcomputer.com/news/security/attackers-evade-detection-by-randomizing-tls-handshake-ciphers/