Malware and potentially unwanted applications (PUAs) have become overwhelmingly polymorphic, with 97 percent of malware morphing to become unique to a specific endpoint device, according to a report from security specialist Webroot. Travis Smith, senior security researcher at Tripwire have the following comments on it.
[su_note note_color=”#ffffcc” text_color=”#00000″]Travis Smith, Senior Security Research Engineer for Tripwire :
“Attackers have learned that they need to adapt to their surroundings to avoid detection. Their adaption techniques include both polymorphic code as well as the ability to randomize the IP address of their command and control servers. It is important as defenders to have the ability to adapt to the attackers’ techniques as well by focusing on their tactics and techniques rather than the tools of their trade.
Adopting threat intelligence is one tool organizations have at their disposal to anticipate the attackers’ next moves. This is why it’s important to share threat intelligence with those within your market. Attackers will typically target a specific business type, such as retail or hospitals, in an attack campaign. If a competitor is breached, chances are your organization may be next; or worse, your organization may have already been breached.”[/su_note]
[su_box title=”About Tripwire” style=”noise” box_color=”#336588″]
Tripwire is a leading provider of advanced threat, security and compliance solutions that enable enterprises, service providers and government agencies to confidently detect, prevent and respond to cybersecurity threats. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business-context and enable security automation through enterprise integration. Tripwire’s portfolio of enterprise-class security solutions includes configuration and policy management, file integrity monitoring, vulnerability management and log intelligence.[/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.