Following the news about the Spotify that has been caught pushing malware-infested adverts out to users of its free desktop version?
Initially thought to have only affected Windows 10 operating systems, the issue has subsequently been reported on othersincluding Ubuntu and MacOS, causing users to flood forums and Twitter with complaints. Rahul Kashyap, EVP and Chief Architect at Bromium commented below.
Rahul Kashyap, EVP and Chief Architect at Bromium:
“We’ve seen an increase in malvertising of this kind. Last year, our threat sensors found over a quarter of the Alexa 1000 websites were delivering malware via malicious advertisements. This is something that enterprises need to think about, as users see their desktops as personal devices. Threats like these will always find their way into the corporate network. Unless you completely lock down user’s desktops, which isn’t practical, you will always experience user-introduced vulnerabilities.
“Instead of trying to change human behaviour, companies should accept that users are always going to be the weakest link in the security chain. The trick is to contain the threat, so the enterprise isn’t placed at risk. The ideal way to do this is to shrink the attack surface by isolating the endpoint so doing things like clicking on links or downloading documents is contained. Then, even if that action introduces malware, it can’t go beyond that point.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
A worrying trend for Australians The Latitude Financial attack clearly…
It is not unusual for companies to keep hold of…
“First of all, it should be praised that Ferrari have…
These findings aren’t very surprising given that unpatched zero-days provide…
These figures from Mandiant highlight how attackers are continuing to…