Robert Pedigo 2018-03-06

SonicWall has revealed its ‘Cyber Threat Report’, which recorded an 18.4% year on year increase in the number of malware attacks last year taking the total to 9.32bn.

The research did however demonstrate ransomware attacks have reduced over the last two years, down to 184m from 645m, but the number of new Common Vulnerabilities and Exposures (CVEs) totalled 14,500 increasing by 101.2%.

European regions did not fall far behind, with 37% of attacks happening there in 2017.

This increase has allowed more opportunities for cybercriminals to hide malicious content in encrypted traffic.

In total 60 file-based malware propagation attempts were found per SonicWall firewall each day.

By sharing actionable intelligence, we collectively improve our business and security postures against today’s most malicious threats and criminals.”

Gary Tokarski 2017-03-27

Growing mobile threats affect iOS

Mobile malware is at the highest level yet recorded, infecting 1.35 per cent of all mobile devices in October, according to a study by Nokia out today.

The high water mark in October compares to figures of 1.06 per cent in April 2016.

While Android smartphones and tablets remained the top mobile target (81 per cent), iOS-based devices were also affected, particularly through spyphone applications, in the second half of the last year (4 per cent).

Spyphone surveillance software (sometimes marked as spousal or child monitoring tech) tracks a user's calls, text messages, social media applications, web searches, GPS locations or other activities.

Issued twice per year, Nokia’s Threat Intelligence Report examines general trends and statistics for infections in devices connected through mobile and fixed networks around the world.

Michael Smith 2016-12-17

Criminals will be stealing drones or using them to commit crimes.

A big rise in drone use is likely to lead to a new wave of dronejackings by cybercriminals, security experts have warned.

A recent report by Intel's McAfee Labs said hackers are expected to start targeting drones used for deliveries, law enforcement and film crews.

Drones are well on the way to becoming a major tool for shippers, law enforcement agencies, photographers, farmers, the media, and more, said Intel Security's Bruce Snell, in the company's annual threat report.

Snell said the concept of dronejacking was demonstrated at a security conference last year, where researchers showed how easily someone could take control of a toy drone.

Although taking over a kid's drone may seem amusing and not that big an issue, once we look at the increase in drone usage the potential for problems starts to arise, he said.

Thomas Park 2017-06-13

Huntsman Security CEO Peter Woollacott on how, in the face of ever-increasing global threats like Shamoon and WannaCry, security teams' best option is to automate their defences.

Like any other growth industry, cyber-crime has a supply chain.

Attackers carefully craft their toolsets, testing them and perfecting them before launching the finished version at key targets in wealthy nations.

In trying to defend against so many new threats, security teams risk fighting a losing battle, never able to gain the upper hand.

In order to combat this problem enterprises need to rethink their security strategy, focusing less on the latest new malware and more on the internal health and readiness of the organisation.

This not only means that a successful attack is inevitable given enough time, but also that analysts end up burnt-out through the fatigue caused by the continuous onslaught.

Rosalie Lee 2017-06-20

It should come as no surprise, but cyber threats are continuing to rise

McAfee Labs has released its June threat report, revealing that there were 244 new threats every minute – more than four every second – during Q1 2017.

There were 301 publicly disclosed security incidents in Q1, a 53 percent increase from the previous quarter, with healthcare, education and the public sector accounting for more than half of the total.

The total number of malware samples has also increased, rising 22 percent in the last four quarters to 670 million known samples.

Other stats from the threat report serve to paint a picture of the rapidly developing cyber threat landscape which is leaving businesses in all industries constantly at risk from cyber criminals.

Ransomware has continued to be one of the big talking points following the WannaCry epidemic and the total number of ransomware samples has grown 59 percent in the past four quarters to 9.6 million known samples.

Wayne Konwinski 2017-04-06

Prevalent threat intelligence challenges include dealing with the volume and quality of data being collected

McAfee Labs' threat report for April 2017 has laid bare the threat intelligence challenges facing businesses, with 176 new cyber threats discovered every minute throughout Q4 2016.

It also delved into the inner workings of Mirai botnets, assessed reported attacks across different industries and revealed growth trends of some of today’s most prevalent cyber threats, such as malware and ransomware.

“The security industry faces critical challenges in our efforts to share threat intelligence between entities, among vendor solutions, and even within vendor portfolios,” said Vincent Weafer, vice president of McAfee Labs.

Addressing these challenges will determine the effectiveness of cybersecurity teams to automate detection and orchestrate responses, and ultimately tip the cybersecurity balance in favour of defenders.”

The sharing of threat data and intelligence is one of the hottest topics in cyber security at the moment, as organisations have realised that the problem is simply too great for any one company to tackle alone.

Dennis Colella 2017-01-17

As cybercriminal groups have become ever more organised and professional, some are beginning to operate as if they were legitimate businesses -- to such an extent that those behind one of the most notorious forms of ransomware appear to close for business over Christmas, leaving their malicious work behind over the festive period.

Ransomware boomed during 2016, with Locky becoming by far the most notorious variant of the file-encrypting, ransom-demanding malicious software.

Perhaps it was because the ransomware was so successful that those behind the cybercriminal scheme seemingly took Christmas off.

According to the latest Global Threat Index by cybersecurity researchers at Check Point Software, there was an 81 percent drop in the average number of Locky infections during December.

Nathan Shuchami, head of threat prevention at Check Point, said: "The massive decrease in Locky attacks during December is part of a wider trend which saw malware attacks decrease by around eight percent compared to the previous months.

"The most likely cause genuinely is that cybercriminals have opted to take a Christmas holiday too -- perhaps to spend some of the fruits of their labours.

Freddie Gagne 2016-11-25

Locky ransomware attacks continued to rise

The number of active malware families and number of attacks increased by 5% in October, according to the Global Threat Index, a monthly ranking from Check Point Software Technologies.

The company's threat intelligence research team found that Locky ransomware attacks moved up in the rankings from third to second as its activity continues to spike, while the notorious Zeus banking trojan, which was initially discovered in July 2007, returned to the top three.

Locky's rise is attributed to the constant changing and expansion of its distribution mechanism, which is primarily via spam emails.

Meanwhile, Conficker retained the top spot as the world's most prevalent malware, responsible for 17% of recognised attacks.

HummingBad, which establishes a persistent rootkit on Android devices, retained its top spot in the mobile malware category.

Jose Hilton 2016-07-17

Depressing reading as active malware families grow and HummingBad infects 85 million Android devices

The latest Threat Index from security specialists Check Point makes for grim reading, especially for Android users, with warnings that HummingBad has returned to the overall top-three threats across all platforms, and has now infected a staggering 85 million devices globally.

And to make matters worse, Check Point said that its latest threat data research has revealed a 61 percent increase (almost two thirds) in the number of active malware families in the first half of 2016.

Indeed, in its June Threat Index report, Check Point detected 2,420 unique and active malware families attacking business networks in June, representing a 21 percent increase since April.

Business networks and mobile devices are the most threatened, highlighting the scale of risk faced by internal IT teams.

The Sality virus accounted for 10 percent of all attacks and, due to its complexity, is considered to be one of the most formidable malware to date.

Frederick Jones 2017-06-20

The Argentine army's website was reportedly hacked and defaced with images purportedly from Islamic State (Isis).

The hacked website carried a message that reportedly read: "This is a threat.

Isis is in Argentina and you will hear from us soon."

Reuters reported that the website also displayed images of people dressed in black, which were on view for around 20 minutes, before the Argentine army took down the website.

A message on the site apologises to visitors for the inaccessibility, informing them that the site is "temporarily under maintenance".

Argentine army spokeswoman Dolores San Martin said the army was investigating the cyberattack.

Charles Rodriguez 2016-11-02

The trusted insider has always been a security risk - whether an executive with access to sensitive information or an administrator on an enterprise network.

According to a recent report from the Ponemon Institute, 56 per cent of security practitioners surveyed said that company insiders are the primary cause of security breaches and 72 per cent were not confident they could control employee access to sensitive information.

But it is not only the malicious you need to worry about - don't underestimate the threats posed by human error and good intentions.

According to IBM, human error was found to be a contributing factor in more than 95 percent of incidents investigated.

The most common problems included system misconfiguration, poor patch management, using default settings and weak passwords, lost devices, and sending sensitive data to the wrong e-mail address.

This data is now two years old, but these examples of errors are still typical today.

Brian Plymel 2017-12-19

(Reuters) — Facebook Inc and Microsoft Corp disabled a number of North Korean cyber threats last week, a White House official said on Tuesday, as the United States publicly blamed Pyongyang for a May cyber attack that crippled hospitals, banks and other companies.

“Facebook took down accounts that stopped the operational execution of ongoing cyber attacks and Microsoft acted to patch existing attacks, not just the WannaCry attack initially,” White House homeland security adviser Tom Bossert said on Tuesday.

Bossert did not provide details on the actions by the two American tech heavyweights but said the U.S. government was calling on other companies to cooperate in cyber security defense.

Bossert’s remarks came during a White House news conference in which he blamed Pyongyang for the WannaCry attack that infected hundreds of thousands of computers in more than 150 countries, saying the U.S. government had clear evidence that North Korea was responsible.

A Facebook spokesman confirmed that the company last week deleted accounts associated with a North Korea-linked hacking entity known as Lazarus Group “to make it harder for them to conduct their activities.” The accounts were mostly personal profiles operated as fake accounts that were used to build relationships with potential targets, the spokesman said.

The actions echoed similar steps the social media powerhouse took this year against suspected Russian accounts that Facebook said were used to promote divisive political messages during the 2016 U.S. presidential election.

Jason Vest 2016-10-24

Having the right security measures may have helped prevent those attacks.

Ransomware attacks, where attackers threaten an attack in exchange for money or valuable information, increased sevenfold between July and August 2016.

In the past year, 73% of companies suffered at least one Distributed Denial of Service (DDoS) attack.

An employee clicking a bad link, a simple mistake, can also cause a breach.

More than 7,000 businesses in the U.S. suffered total combined losses of around $740 million after employees fell victim to email-based phishing scams from 2013 to 2015.

The daunting depiction of newly discovered security threats often gets attention from media and business leaders alike.

Robert Tuohy 2016-08-03

News: The company launched new FusionX IR services built on an adversary- and threat-focused approach.

Accenture has launched the new FusionX incident response (IR) service globally to help clients prepare for and respond to cyberattacks.

FusionX, part of Accenture Security, offers cyber attack simulation, threat modeling, cyber investigations, and security risk advisory services.

The new services, which have been delivered by IR specialists, are built on an adversary and threat-focused approach.

They include emergency incident response and continuous incident response services.

A specialised team will assess the scope of the breach and offer recommendations for remediation.

Scott Mayle 2017-05-31

Cisco and IBM announced today a new partnership aimed at the rising tide of cybercrime that seems to increasingly be gaining the upper hand.

The companies said they would more closely integrate their products, and their customers’ systems, to streamline the management of cyber threats.

The companies’ security research teams will also begin collaborating.

Fundamentally, the companies said that the exploding number of tools and services designed to fight cybercrime don’t communicate well with each other, creating gaps that can be exploited by external forces.

Cisco said that one of its surveys found that organizations use up to 50 different security products as they rush to plug every single possible hole.

But that leads to a complexity that IBM and Cisco say they want to simplify.

James Kiley 2017-02-08

It's taken a whole year for it to be dislodged, but Hummingbad has finally been overtaken as the leading form of mobile malware.

The Hummingbad Android malware is still likely making its creators hundreds of thousands of dollars a month, and continues to infect millions of devices, but the Triada malware has taken the top spot in the first month of the year, Check Point's Threat Impact Index for January has revealed.

Hiddad, a form of Android malware which repackages apps then releases them to a third-party store in order to display ads and observe sensitive user data of downloaders, was the third most prolific form of mobile malware in January.

Looking at malware overall, the researchers ranked Kelihos as the most prolific malware of January.

Kelihos is a botnet mainly involved in Bitcoin theft and spamming; it uses peer-to-peer communication to enable each individual node to act as a command-and-control server.

Kelihos is thought to have impacted five percent of all organisations across the globe.
