Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

WatchGuard Launches Threat Landscape visualisation tool for analysing Firebox Feed data to better understand security threats

March 2018 by WatchGuard Technologies

Total malware attacks are up by 33 percent and cyber criminals are
increasingly leveraging Microsoft Office documents to trick victims and deliver
malicious payloads, according to the latest Internet Security Report from WatchGuard
Technologies, based on global threat intelligence data from nearly 40,000 Firebox
appliances. WatchGuard has also launched a new Threat Landscape data visualisation
tool, giving public access to daily updates about the most prevalent computer and
network security threats affecting SMBs and distributed enterprises.

Dynamic Data Exchange (DDE) attacks topped WatchGuard’s top-ten malware list as
hackers increasingly exploited issues within the Microsoft Office standard to
execute code. Also called ‘macro-less malware’, these malicious documents often
use PowerShell and obfuscated script to get past network defences. Additionally, two
of the top-ten network attacks involved Microsoft Office exploits, further
emphasising the growing trend of malicious document attacks.

Overall, malware attacks grew significantly, while zero day malware variants jumped
167 percent. WatchGuard Fireboxes blocked over 30 million malware variants in Q4
2017, which was a 33 percent increase over the previous quarter. Out of the total
threats prevented, the subset of new or zero day malware instances rose steeply by
167 percent, compared to the previous quarter. These increases can likely be
attributed to heightened criminal activity during the holiday season.

“After a full year of collecting and analysing Firebox Feed data, we can clearly
see that cyber criminals are continuing to leverage sophisticated, evasive attacks
and resourceful malware delivery schemes to steal valuable data,” said Corey
Nachreiner, chief technology officer at WatchGuard Technologies. “Although these
criminal tactics may vary over time, we can be certain that this broad trend will
persist, so the risks have never been greater for small and midsize organisations
with less IT and security resources. We encourage businesses of all sizes to
proactively mitigate these threats with layered security services, advanced malware
protection and employee education and training in security best practices.”

The report also shows that nearly half of all malware detected eluded basic
antivirus (AV) solutions. WatchGuard Fireboxes block malware using both legacy
signature-based detection techniques and a modern, proactive behavioural detection
solution - APT Blocker - which provides advanced malware protection by catching
malware variants missed by legacy AV signatures. This zero day malware accounted for
46 percent of all malware in Q4. This level of growth suggests criminals are using
more sophisticated evasion techniques capable of slipping attacks past traditional
AV services, which further underscores the importance of behaviour-based defences.

Script-based attacks caught by signatures for JavaScript and Visual Basic Script
threats, such as downloaders and droppers, accounted for 48 percent of top malware
detected in Q4. Users should take note of the continued popularity of these attacks
and watch out for malicious script in web pages and email attachments of any kind.

The full Internet Security Report features evaluations of the quarter’s most
pervasive malware and network attacks, recommendations for useful defensive
strategies in today’s threat landscape, and a detailed breakdown of “the Krack
Attack” - one of the top information security issues in 2017.

Additionally, the report includes a new research project from the WatchGuard Threat
Lab, which analyses a database of more than 1 billion stolen password records to
stress just how often users choose weak passwords and re-use credentials across
multiple accounts. This quarter’s conclusions are based on anonymised Firebox Feed
data from nearly 40,000 active WatchGuard Fireboxes worldwide, which blocked more
than 30 million malware variants (783 per device) and 6.9 million network attacks
(178 per device) in Q4 2017.

New Threat Landscape Data Visualisation Tool
WatchGuard’s new Threat Landscape data visualisation tool offers daily security
insights regarding the top malware and network attacks around the globe. The Threat
Landscape page enables users to search Firebox Feed data by type of attack, region
or country, and targeted date ranges, with interactive graphics that are updated
instantly and easy to read.


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts