Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Friday, April 05, 2013

Malware attacks occur every three minutes

Malware activity has become so pervasive that organizations experience a malicious email file attachment or Web link as well as malware communication that evades legacy defenses up to once every three minutes, according to FireEye. “The high rate at which cyber attacks are happening illustrates the allure of malware,” said Zheng Bu, senior director of research. “Today, malware writers spend enormous effort on developing evasion techniques that bypass legacy security systems. Across industries, the rate of malware activity varies, with technology companies experiencing the highest volume with up to one event per second.


When sending spear phishing emails, attackers opt for file names with common business terms to lure unsuspecting users into opening the malware and initiating the attack. These terms fall into three general categories: shipping and delivery, finance, and general business.

Instances of malware are uncovered that execute only when users move a mouse, a tactic which could dupe current sandbox detection systems since the malware doesn’t generate any activity.

By avoiding the more common .exe file type, attackers leverage DLL files to prolong infections. Ashar Aziz, FireEye founder and CTO said: “As cybercriminals invest more in advanced malware and innovations to better evade detection, enterprises must rethink their security infrastructure and reinforce their traditional defenses with a new layer of security that is able to detect these dynamic, unknown threats in real time.”

Link: http://www.net-security.org/malware_news.php?id=2455

 

Posted on 04/05
TrendsPermalink