Websites Attack Attempts Rose in Q2
New data shows attackers are trying to sneak past malware scanners on websites using stealthy hacks such as cryptojacking and malicious JavaScript. Website security service provider SiteLock analyzed data from 6 million customer websites for the second quarter of 2018 and found that a website, on average, suffers 58 attack attempts per day – or…
Why humans are necessary to the threat hunting process
For thousands of years, humans have worked to collect intelligence on their enemies. Intelligence gathering is not a new practice; in fact, it is one of the oldest war tactics dating back to biblical times, when warlords and army commanders used it to gain advantages over their rivals. However, the methods have changed as new…
Analysis of half-a-billion emails reveals malware-less email attacks are on the rise
FireEye analyzed over half-a-billion emails from 1H 2018, and found that 32% of email traffic seen in the first half of 2018 was considered ‘clean’ and actually delivered to an inbox. Their report also found that 1 in every 101 emails had malicious intent. When compared to the previous six-month period, the changes in both…
DDoS attack frequency grows 40%, low volume attacks dominate
The frequency of DDoS attacks have once again risen, this time by 40% year on year, according to Corero Network Security. While frequency has increased, the duration of attacks decreased with 77% lasting ten minutes or less, of which 63% last five minutes or less. Perhaps more concerning is that, having faced one attack, one…
Phished credentials caused twice as many breaches than malware in the past year
Personal device use for remote work poses the biggest security risk to organisations safeguarding their increasingly mobile and cloud-based IT environment, according to a new survey of 100 UK-based senior IT security professionals. Conducted from March to May by Rant, the survey found 58 percent of respondents believe that network access from non-corporate and personally-owned…
Banking Trojan attacks increase, large scale Ramnit campaign impacts organizations worldwide
Check Point revealed a significant increase in attacks using the Ramnit banking trojan. Ramnit has doubled its global impact over the past few months, driven by a large scale campaign that has been converting victim’s machines into malicious proxy servers. During August 2018, Ramnit became the most prevalent banking Trojan in an upward trend in…
Attackers Employ Social Engineering to Distribute New Banking Trojan
Unknown attackers have begun using a sophisticated, new banking Trojan, dubbed CamuBot, to steal money from the business customers of several major banks in Brazil, a country sometimes used as a testing ground for financial malware that is about to be launched globally. IBM X-Force security researchers, who have been tracking the threat, this week…
Fileless malware: getting the lowdown on this insidious threat
Traditionally, malware attacks as we have always known them are files written to disk in one form or another that require execution in order to carry out their malicious scope. Fileless malware, on the other hand, is intended to be memory resident only, ideally leaving no trace after its execution. The malicious payload exists dynamically…
Cybercriminals shift tools, tactics and procedures to improve infection rates
Trend Micro released its Midyear Security Roundup 2018, revealing that cybercriminals are moving away from attention-grabbing ransomware attacks to more covert methods intended to steal money and valuable computing resources. Cryptojacking attempts are making the biggest impact so far this year. Trend Micro recorded a 96 percent increase in cryptocurrency mining detections in 1H 2018…
Man-in-the-Disk: A new and dangerous way to hack Android
Android is a good operating system whose developers truly care about security, but with so many OS versions and applications, keeping an eye on all of them is a tall order. Therefore, new ways to circumvent the built-in security mechanisms surface fairly often. The latest way to hack Android is called “Man-in-the-Disk,” and that is…