Enterprises, beware. Threat actors are continuing to eye businesses for high returns on investment in Q1 2019, breaching infrastructure, exfiltrating or holding data hostage, and abusing weak credentials for continued, targeted monitoring. From a steadfast increase of pervasive Trojans, such as Emotet, to a resurgence of ransomware lodged against corporate targets, cybercriminals are going after organizations with a vengeance.
Yet every cloud has a silver lining, and for all the additional effort thrown at businesses, consumer threats are now on the decline. Ransomware against consumers has slowed down to a trickle and cryptomining, at a fever pitch against consumers this time last year, has all but died. Interestingly, this has resulted in an overall decline in the volume of malware detections from Q4 2018 to Q1 2019.
While threat actors made themselves busy with challenging new victims, they ensnared targets in the old ways, using tried-and-true malspam and social engineering tactic
Recent research from Kaspersky has revealed a massive criminal campaign that was able to infiltrate more than 100 different banks and steal upwards of $1 billion from the affected institutions. Kaspersky dubbed this operation the Carbanak APT due to a connection between the malware used in the attacks and the now infamous Carberp banking botnet. You may recall the headlines in 2013 that revealed the Carberp source code had been leaked into the wild, making it accessible to virtually any would-be criminal group that may want it. The accessibility of Carberp source code could easily have provided a starting point for the Carbanak as they built their malware.
Of all the industries targeted by cyber-attackers, financial services is one of the most attractive. As noted bank robber Willie Sutton once said, “Go where the money is … and go there often.” That, it seems, is what cybercriminals are doing, launching malware, Trojans, spear phishing and ransomware attacks at banks and institutions to compromise networks and gain access to valuable data. Download now!
So-called "redirector" or "search engine" spam emerged in late 2007 and has now grown into a significant threat to businesses. In this new MessageLabs whitepaper, learn about the latest spammer ploy to get dangerous links past traditional defenses, and how MessageLabs delivers a proven, cost-effective solution.
In the underground digital economy, thousands of criminals conduct business in excess of $100 billion. In this whitepaper you’ll learn more about this highly specialized marketplace, and how it generates powerful tools to steal victims’ identities. You’ll also see why MessageLabs unique proprietary technology helps to disrupt this activity.
The Internet has proven to be a vital communications medium for worldwide commerce, but as an open and unprotected global network it can also present a wide range of threats that can cripple any business organization. Several years ago, most Internet threats were relatively benign examples of a young adolescent’s technical expertise but over time they have evolved into increasingly sophisticated domestic and foreign attacks that are designed to capture financial, personal, or strategic business information. Threats now come in the form of deliberately malicious acts, and exploitative opportunities for hackers and/or organized crime. The impact is serious, and the landscape of victims is getting broader every day. In response, no organization can afford to have its networks remain unprotected.
Published By: Clearswift
Published Date: Jun 09, 2008
Every enterprise has to find a balance between security and the ability to carry on conducting business freely. This short guide is about finding that balance. By following some basic principles, there's no reason you can't let legitimate business email move into, out of and within your enterprise while stopping the things that cause damage: viruses, spam, spyware, trojans, phishing, Denial of Service attacks, the loss of sensitive data and the collection of illegal, immoral and just plain offensive material.
In this brief, you'll learn how CA Recovery Management Products, like CA ARCserve Backup and CA XOsoft solutions, can be applied with VMware Infrastructure to help you effectively respond to the challenges and opportunities of business-critical computing.
Take the stealth, creativity and patience of Stuxnet, the commercialism, wide
distribution and easy-to-use toolkits of Zeus, and you understand the potency of today’s malware. Start planning now to protect your intellectual property and other assets.
Published By: MX Logic
Published Date: May 21, 2008
Rootkits, Trojans, ransomware, Denial-of-Service and much more – this newly released white paper from MX Logic covers the everchanging security threat landscape. Learn what malicious intrusions are out there, how to identify them and how to keep your network safe.
A new white paper from Panda Security discusses the new breed of silent online threats that can bypass traditional antivirus programs and penetrate even the most highly 'protected' networks. Additionally, the sheer volume of malware has overwhelmed the antivirus industry as a whole. Collective Intelligence is a new global security model specifically designed to combat the next evolution of malicious code.
Measuring the effectiveness of your security infrastructure is key to any enterprise as threats change on a minute by minute basis. See an example of the report you would receive following a Trend Micro Threat Discovery Assessment.
As another year draws to a close, few can have failed to notice the plagues of malicious software, floods of fraudulent emails and the generally increased pestilence of our online world, marking out 2007 as one of the most remarkable in the history of malware. This report covers the top malware threats in 2007 and provides monthly summaries.
Spam looks like a simple enough issue until you have to try to define it: after all, we all think we know it when we see it. Most people have a working definition along the lines of “email I don’t want.” While that’s perfectly understandable, it is difficult to implement technical solutions based on such a subjective definition. Read this paper to learn why SPAM is more than just unwanted email.
Anti-virus does much more than reactively detect known viruses; it proactively scans for unknown ones too. So, how do scanners really work? The aim of this paper is to reduce some of the confusion around the workings of AV technology, and to clarify what is realistic to expect from AV protection, particularly heuristic analysis.
You spoke and we listened. Today’s advanced malware threats have you spending a lot of resources fighting an uphill battle. The answer is McAfee Advanced Threat Defense—so you can find, freeze, and fix threats.
The Adwind Remote Administration Tool is a backdoor Trojan written in Java language that targets various platforms that support Java files. Adwind does not exploit any vulnerabilities. In most cases, for an infection to succeed, the user must run the malware by double-clicking the .jar file that is usually distributed as an attachment, or opening an infected Microsoft Word document. The infection spreads if the Java Runtime Environment is installed on the user's computer. After the malicious .jar file is executed on the target system, the malware installs silently and connects to a remote server via a preconfigured port to receive commands from a remote attacker and perform other illegal operations.
Spyware is on the rise and has been the cause of many data breaches. Stopping it needs to be a strategic part of an organization's overall security plan. Reactive signature-based anti-virus and firewall technology is not a complete solution to prevention. Read this white paper to learn the top five behaviors associated with data theft and how advanced behavioral detection solutions is an effective technology for stopping spyware and can identify and prevent legitimate applications from being misused.
This white paper, intended for a management-level audience, describes why and how any organization can implement secure Internet single sign-on with a federated identity management system. Learn more today!
Web Services are emerging as the preeminent method for program-to-program communication across corporate networks as well as the Internet. Securing web Services has been a challenge until recently, as typical Web authentication and authorization techniques employed browser-to-server architectures (not program-to-program). This resulted in user identity ending at the Web Application Server, forcing the Web Services Provider to trust blindly that the Web Services Requester had established identity and trust with the end user.