The SecureWorks® Counter Threat Unit™ (CTU) research team analyzes security threats and helps
organizations protect their systems. During May and June 2017, CTU™ researchers identified lessons
learned and observed notable developments in threat behaviors, the global threat landscape, and
• The global WCry and NotPetya campaigns reinforced the need for a layered approach
• Attacks used obfuscated malicious files and scripts to bypass filtering and deliver malware.
• A Chinese threat group has had repeated success using compromised websites to attack
• Threat actors have been stealing intellectual property from Japanese enterprises.
Published By: Mimecast
Published Date: Aug 22, 2017
Navigating a turbulent cybersecurity climate can be hard – especially as threats like Petya and WannaCry continue to cripple organizations. Business disruption, downtime, technical failure and data loss are all real risk factors that can’t be ignored.
The power of preparedness is in your hands. Get expert insight, tips and guidance from industry thought leaders on how to build a cyber resilience plan for email in this e-book.
Published By: Mimecast
Published Date: Aug 22, 2017
Regulatory fines for violations of HIPAA in the US, DPA in the UK and GDPR can cost organizations millions of dollars. And providers can’t afford the costs of cyber security incidents, which can range from prolonged downtime and not being able to care for patients to paying a ransom to decrypt important data.
Learn the biggest threats to your organization and how to improve protection against:
• Ransomware such as WannaCry and Petya
• Malicious URLs that entice users to click
• Bad attachments that can infect your network
• Business email compromise that siphons information or cash from your organization
• Internal employees and the potential for malicious intent or careless mistakes
Published By: Infosys
Published Date: May 21, 2018
June 28 is Ukrainian Constitution Day. It is also one of the longer days of the year - and in 2017, for the staff at one multinational corporation, it certainly felt that way. They arrived at work to find computers locked by the Petya ransomware. Would the company grind to a halt? Would they be held to ransom? How could they prevent it from happening again?
These were the questions. Infosys was hired to provide the answers.
The cyberattacks of 2017 proved more numerous, sophisticated, and ruthless than in years past. Threat actors, armed with knowledge stolen from the CIA and tools lifted from the NSA, demonstrated an elevated level of proficiency. WannaCry and NotPetya, two prominent threats from last year, successfully exploited these stolen assets in their assault on systems worldwide. As 2017 progressed, new opportunities developed in ransomware-as-a-service (RaaS), opening the gates of malware-for-profit to everyone. Advancements in fileless attacks provided new ways for threats to hide from once reliable detection methods. Malware features such as polymorphism continued to play a powerful role in evading traditional defenses. The victims of cybercrime ranged from private businesses to the fundamental practices of democracy. France and the United States saw significant data breaches during their recent presidential elections. Several high-profile companies lost their customers’ personally identifiable information to cyberattacks, blemishing their brands and costing them untold millions in recovery operations. This report contains an overview of the threat trends and malware families Cylance's customers faced in 2017. This information is shared with the goal of assisting security practitioners, researchers, and individuals in our collective battle against emerging and evolving cyberthreats.
Fileless attacks surged in 2017, largely due to their ability to bypass traditional antivirus solutions. Last year was host to several fileless malware victories. OceanLotus Group infiltrated Asian corporations during Operation Cobalt Kitty, and conducted nearly six months of fileless operations before detection. Ransomware hall-of-famers Petya and WannaCry both implemented fileless techniques in their kill chains. Every major player in information security agrees that fileless attacks are difficult to stop, and the threats are growing worse. Abandoning files is a logical and tactical response to traditional AV solutions which have overcommitted to file-intensive and signature-based blacklists. What can security solutions offer when there are no infected files to detect? How will a blacklist stop an aggressor that only uses legitimate system resources? The security landscape is changing and the divide between traditional AV products and next-generation security solutions is growing wider by the day. Cylance® has built a reputation on security driven by artificial intelligence and provides a frontline defense against fileless malware. This document details how Cylance protects organizations.
There will be a ransomware attack on businesses every 14 seconds by the end of 2019. Every 40 seconds, one of those attacks will prove successful, with devastating effects ranging from permanent loss of irreplaceable data to life-threatening interruptions to patient care. In years past, expert malware authors packaged up their know-how into costly exploit kits sold on the underground market. Cyber criminals had to recover high upfront costs before launching a campaign and realizing a profit. Today, ransomware-as-a-service groups like Satan make it easier than ever before for would-be cyber criminals with minimal technical skills to launch attacks, offering free ransomware toolkits and hands-on help to manage campaigns and extort payments. Read our white paper to learn how CylancePROTECT® prevents Petya, Goldeneye, WannaCry, Satan, and many more from executing, with machine learning models dating back to September 2015, long before the ransomware first appeared in the wild.