New research by Zscaler, analyzing 6.6 billion security threats, has discovered a 260% increase in attacks during the first nine months of 2020. Among the encrypted attacks was an increase of the amount of ransomware by 500%, with the most prominent variants being FileCrypt/FileCoder, followed by Sodinokibi, Maze and Ryuk.
Experts Comments
It’s a clever trick as malicious acts are masked behind a symbol universally recognised to mean ‘secure’ and ’safe’.
For most organisations, particularly SMEs with little to no resources or knowledge dedicated to cybersecurity, determining the safety of a site comes down to whether or not it has padlock symbol in the search bar. Unfortunately, while tools such as this are primarily employed to ensure privacy and data integrity, it can also be manipulated for nefarious uses. Indeed, it’s a clever trick as malicious acts are masked behind a symbol universally recognised to mean ‘secure’ and ’safe’......Read More
SSL/TLS inspection/termination alone is often not sufficient.
Having more visibility into the SSL/TLS traffic definitely is one of the key elements needed to detect modern attacks. However, SSL/TLS inspection/termination alone is often not sufficient. To illustrate, even with SSL/TLS inspection in place, malicious threat actors (MTA) often implement additional layers of encryption and obfuscation on top of SSL/TLS and are also often leveraging legitimate sites, such as githubusercontent, cloud drives, and others, to \"reflect\"/host malicious stager.....Read More
Dot Your Expert Comments
Only for registered and approved experts. Please register before providing comments. Register here
Linkedin Message
@Niamh Muldoon, Senior Director of Trust and Security EMEA, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Other security controls and alerts would highlight this as malicious activity for investigation...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/malicious-use-of-ssl-increases-as-attackers-deploy-hidden-attacks
Facebook Message
@Niamh Muldoon, Senior Director of Trust and Security EMEA, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Other security controls and alerts would highlight this as malicious activity for investigation...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/malicious-use-of-ssl-increases-as-attackers-deploy-hidden-attacks