While phishing, reconnaissance scans, social engineering, and other opportunistic attacks still comprise the lion’s share of malicious activity seen by most companies, a growing proportion of attacks are able to evade signature-based defenses.
Cybercriminals using fully undetectable (FUD) services can create variants that are unrecognizable to antivirus programs, and targeted attacks increasingly use custom-built malware designed to tiptoe past the target’s defenses.
To find advanced malware, companies have to look for indicators of compromise that might not initially appear to be connected to a malware infection or each other, says CP Morey, vice president of product marketing at security firm Sourcefire. For example, callbacks to unknown servers along with the installation of an unknown application and high utilization on a machine might not pass the threshold that requires investigation, but together they should set off an alert, he says.
SOURCE: darkreading.com
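The correlation idea described above, sketched as an added example that is not from the article or from Sourcefire: three weak indicators are scored per host, and an alert fires only when distinct indicators within one time window reach the threshold. The indicator names, weights, threshold, one-hour window, and host names are assumptions chosen for illustration, and the events are constructed sample data.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed weights: no single indicator, and no pair, reaches the threshold.
WEIGHTS = {"unknown_callback": 40, "unknown_app_install": 35, "high_utilization": 30}
ALERT_THRESHOLD = 100
WINDOW = timedelta(hours=1)

# Constructed sample events: (timestamp, host, indicator)
EVENTS = [
    ("2024-01-10T09:00:00", "ws-017", "unknown_callback"),
    ("2024-01-10T09:20:00", "ws-017", "unknown_app_install"),
    ("2024-01-10T09:45:00", "ws-017", "high_utilization"),
    # Same indicator repeated: counted once, so the host stays below threshold.
    ("2024-01-10T09:00:00", "ws-022", "unknown_callback"),
    ("2024-01-10T09:05:00", "ws-022", "unknown_callback"),
    ("2024-01-10T09:10:00", "ws-022", "high_utilization"),
    # All three indicators, but spread over five hours: no single window holds them.
    ("2024-01-10T08:00:00", "ws-031", "unknown_callback"),
    ("2024-01-10T10:30:00", "ws-031", "unknown_app_install"),
    ("2024-01-10T13:00:00", "ws-031", "high_utilization"),
]

def correlate(events, weights=WEIGHTS, threshold=ALERT_THRESHOLD, window=WINDOW):
    """Return {host: alert} for hosts whose distinct indicators in one window reach threshold."""
    by_host = defaultdict(list)
    for ts, host, kind in events:
        if kind in weights:  # ignore event types we have no weight for
            by_host[host].append((datetime.fromisoformat(ts), kind))
    alerts = {}
    for host, seen in by_host.items():
        seen.sort()
        for i, (start, _) in enumerate(seen):
            # Distinct indicator kinds observed in [start, start + window].
            kinds = {k for t, k in seen[i:] if t - start <= window}
            score = sum(weights[k] for k in kinds)
            if score >= threshold:
                alerts[host] = {"score": score, "indicators": sorted(kinds),
                                "window_start": start.isoformat()}
                break  # one alert per host is enough
    return alerts

if __name__ == "__main__":
    for host, alert in correlate(EVENTS).items():
        print(host, alert)
```

In practice the weights and window would be tuned against the environment's own baseline rather than fixed constants.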