Malware attacks occur every three minutes
Posted on 04.04.2013
Malware activity has become so pervasive that organizations experience a malicious email file attachment or Web link as well as malware communication that evades legacy defenses up to once every three minutes, according to FireEye.


“The high rate at which cyber attacks are happening illustrates the allure of malware,” said Zheng Bu, senior director of research. “Today, malware writers spend enormous effort on developing evasion techniques that bypass legacy security systems. Unless enterprises take steps to modernize their security strategy, most organizations are sitting ducks.”

Enterprises are attacked up to once every three minutes. Across industries, the rate of malware activity varies, with technology companies experiencing the highest volume with up to one event per second. Some industries are attacked cyclically, while some verticals experience attacks erratically.

Spear phishing remains the most common method for initiating advanced malware campaigns. When sending spear phishing emails, attackers opt for file names with common business terms to lure unsuspecting users into opening the malware and initiating the attack. These terms fall into three general categories: shipping and delivery, finance, and general business. The top term in malware file names, for example, was “UPS”.

ZIP files remain the preferred file of choice for malware delivery. Malicious malware is delivered in ZIP file format in 92 percent of attacks.

Several innovations have appeared to better evade detection. Instances of malware are uncovered that execute only when users move a mouse, a tactic which could dupe current sandbox detection systems since the malware doesn’t generate any activity. In addition, malware writers have also incorporated virtual machine detection to bypass sandboxing.

Attackers are increasingly using DLL files. By avoiding the more common .exe file type, attackers leverage DLL files to prolong infections.


Ashar Aziz, FireEye founder and CTO said: “As cybercriminals invest more in advanced malware and innovations to better evade detection, enterprises must rethink their security infrastructure and reinforce their traditional defenses with a new layer of security that is able to detect these dynamic, unknown threats in real time.”





Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Sep 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //