To increase the chances of malware deploying and executing within a target environment, savvy cybercriminals use transport layer security (TLS) and secure sockets layer (SSL) encryption standards to mask their attacks from inspection by traditional security controls.
Fileless malware is a type of malicious software that exists exclusively as a memory-based artifact (i.e., in RAM). Fileless malware does not write any part of its activity to the computer’s hard drive, making it very resistant to existing computer forensic strategies that incorporate file-based whitelisting, signature detection, hardware verification, pattern analysis, time-stamping, etc.
In Australia, the head of the local intelligence agency was recruited to inform universities about cyber threats and ways of prevention. This was one of the initiatives put in place after an extremely sophisticated threat actor compromised the Australian National University (ANU) and persisted within the university’s network for months at a time.
In 2019, there was an increase in ransomware used in targeted attacks toward state, provincial and local governments, as well as large corporations. Attacks have ranged from hospitals, police stations and educational institutions to aluminum factories (Norsk Hydro, Norway) and power grids (City Power, Johannesburg). “In a modern, citizen-centric environment, successful ransomware attacks are highly […]
The shuttering of the Coinhive mining operation in March 2019 dealt a devastating blow to the nefarious cryptojacking racket that abused the service. Coinhive was not inherently malicious; it was an alternative method for websites to earn revenue instead of showing advertisements.
Mirroring how malware is being leveraged, cybercriminals are being more targeted with phishing than ever before, too. So much so, SonicWall Capture Labs threat researchers recorded a 42% decline in overall phishing volume, the third straight year the attack vector declined.
Tracking the evolution of malware strains
The collective power of Capture ATP and RTDMI also helps SonicWall Capture Labs threat researchers track the evolution of malware variants — even when authors obfuscate their payloads, such as using scripts inside of archives.
PDFs, Microsoft Office files among top new file types
In 2019, SonicWall observed that most new threats are based on malicious PDFs or Office files, followed by archives. PDF files are popular because they are searchable, can be viewed on any device, are easy to create and may be encrypted for security, password-protected and/or digitally […]
In many cases, zero-day vulnerabilities are patched, fixed or otherwise mitigated before attacks can cause serious damage. Unfortunately, the inverse is also true. In 2019, SonicWall recorded and analyzed the top 10 CVEs that were exploited “in the wild.”
THERE IS AN EXPLOSION OF EXPOSURE POINTS. Citing the rapid emergence of IoT across multiple industries, Gartner states 5.8 billion endpoints will be in use in 2020. Predictions run to over a trillion programmable endpoints over the next two decades.