Threat research for July 2016 shows slight drop in number of traditional malware families attacking business networks but increase in mobile variants Check Point® today revealed the number of active malware families decreased by 5 percent, as the company disclosed the most prevalent malware families attacking organizations’ networks in the month. During July, Check Point detected 2,300 unique and active malware families attacking business networks, a 5 percent increase compared to June, with Conficker remaining the most commonly used malware. Despite the overall decrease in active malware the prevalence of mobile malware increased, accounting for 9 percent of active malware –…
ISBuzz Team
Data scraping attacks are getting more sophisticated with 4th generation bots, and not even the most prepared companies are safe. Just recently, LinkedIn realized it’s been the target of ongoing data scraping since December 2015. See the story here. Omri Iluz, CEOat PerimeterX commented below. Omri Iluz, CEO at PerimeterX: “Scraping using advanced bots that are able to create fake accounts and circumvent most of today’s security systems represent a significant step up from yesteryear’s attacks. We identify the software being used by the attackers as 4th generation bots and are seeing an exponential growth in the usage of such bots…
When we purchase something new, in most cases there is an unspoken understanding about the transaction. For example, if it is food, you can read what is in it and purchase it. If you don’t end up liking the taste, it probably won’t kill you. If we buy a car, it is assumed that it will meet all safety standards. If we purchase a widget of some sort for a specific purpose, it will do what it advertises else we will return it for a refund. When it comes to software, the rules are generally the same; however, there seems…
Following the recent story in the news on how attackers could abuse DNSSEC-secured domains for distributed denial-of-service (DDoS) attacks, Dave Larson, Chief Operating Officer at Corero Network Security commented below. Dave Larson, Chief Operating Officer at Corero Network Security: “Neustar has correctly pointed out the additional amplification factor related to misconfigured DNSSEC vs. legacy DNS, where the inclusion of the digital signature allows for a somewhat higher than a normal DNS amplification attack. However, the point that must be stressed related to this or any other DDoS amplification vectors is that operators of any network – whether they include DNS service…
ESET researchers noticed a huge outbreak of a new Spy.Banker variant, detected as Spy.Banker.ADEA. Nemucod has in the past been one of the most detected types of malware in Ireland. On the morning of Friday August 12th, at around 12pm CET this new variant was spotted in Brazil. Similar to previous ones used by other banking trojans in South America, during execution, the malware checks if the system’s settings are in Portuguese and proceeds with the injection of the banker’s payload. The banking trojan spreads along with two modified versions of a popular utility software, which are used to extract usernames and passwords…
Digital technology has fundamentally changed business practice over the past decade. Cloud based applications dominate, workers routinely access corporate information remotely via smart phones and access to the corporate network increasingly includes supply chain members, contractors and part time workers. Yet cyber security has failed to keep up – and some of the responsibility has to lie with the C-suite. Why are cyber security experts not involved from day one in every strategic decision? Why are businesses still expecting the security team to take responsibility yet leaving deployment in the hands of multiple departments, from application development onwards? It is…
The EU Commission has confirmed its desire to bring in more regulation for online messaging services such as WhatsApp and Skype in an attempt to safeguard users’ privacy. Richard Stiennon, Chief Strategy Officer, Blancco Technology Group commented below. Richard Stiennon, Chief Strategy Officer at Blancco Technology Group: “Hot on the heels of the EU GDPR and Privacy Shield, this move yet again highlights the gulf between European and US attitudes towards regulating the internet. However, even in North America, attitudes to privacy and security are slowly evolving. For services like WhatsApp, Facebook Messenger and Skype, it’s inevitable that a combination of consumer…
Two new reports bring doom and gloom to the IT security industry this week: – Okta Report Reveals 65% of IT Leaders Expect Serious Data Breach to Hit Their Business Within the Next Year. – QinetiQ report reveals that lack of process and security culture are chief factors leaving firms open to cyber attack. IT security experts from AlienVault, Lieberman Software and ESET commented below whether it really is all doom and gloom: Javvad Malik, Security Advocate at AlienVault: “Preventing security breaches is a bit like Zeno’s dichotomy paradox. In that it is a constant and ongoing process, which at best you only…
In the US, Ford announced that it will produce a fleet of driverless cars for the mass market – to be used by ride-sharing services, such as Uber – by 2021. Brian Spector, CEO at MIRACL commented below. Brian Spector, CEO at MIRACL: “While Ford is moving driverless car technology into the fast lane, it’s still unclear whether security concerns are being addressed by car manufacturers at the outset, or if they’ll just be pushed to one side and addressed later. “Cars are no longer just a means of travelling from A to B, but powerful computing platforms which are an…
Phishing is an Endpoint Problem, Not a Credential Problem ANN ARBOR, MICH. Duo Security, a cloud-based trusted access provider protecting the world’s largest and fastest-growing companies, today published research that illustrates the risk phishing attacks present in the enterprise. Since its July 2016 launch, around 400 companies have begun using Duo Insight, a free tool that lets IT teams run internal phishing simulations. Of the 11,542 users who received a phishing email from their IT team, 31% of organizations are at risk of a data breach due to phishing attacks. Based on the data from Duo Insight, in a real-world scenario,…