Category: Trends

Simply put, a “watering hole” attack uses a trusted website as a base to divert visitors to an unsafe, malicious website, where malware can then take advantage of vulnerabilities within a PC system to steal data.

The report suggests that industrial espionage is on the rise, and manufacturing is now the most attractive target for those looking to steal valuable data, accounting for 24 percent of targeted attacks.

As social media spam rises, traditional spam has declined slightly from 75 percent of all email sent in 2011 to 69 percent last year — although 30 billion are still sent every day.

“This year’s ISTR shows that cybercriminals aren’t slowing down, and they continue to devise new ways to steal information from organizations of all sizes,” said Stephen Trilling, chief technology officer of Symantec.

Link: http://www.zdnet.com/symantec-industrial-espionage-on-the-rise-smbs-a-target-7000014061/

Conficker, a worm that started spreading among enterprise desktop systems in 2008, continues to wriggle through corporate networks. But the total number of infected systems shrank during 2012, according to the latest Security Intelligence Report released by Microsoft on April 17.

“In the last quarter of 2012, a person in the enterprise was more likely to encounter attacks through the Web than any of the network worms,” Holly Stewart, senior program manager with the Microsoft Malware Protection Center, told eWEEK.

Link: http://www.eweek.com/security/microsoft-says-worm-infections-declining-but-web-attacks-rising/

The services are also driving changes in the market landscape, particularly around a number of key security technology areas, such as secure email and secure Web gateways, remote vulnerability assessment, and Identity and Access Management (IAM).

“Demand remains high from buyers looking to cloud-based security services to address a lack of staff or skills, reduce costs, or comply with security regulations quickly,” said Eric Ahlm, research director at Gartner. “This shift in buying behavior from the more traditional on-premises equipment toward cloud-based delivery models offers good opportunities for technology and service providers with cloud delivery capabilities, but those without such capabilities need to act quickly to adapt to this competitive threat.”

Security buyers from the U.S. and Europe, representing a cross section of industries and company sizes, stated that they plan to increase the consumption of several common cloud services during the next 12 months.

Gartner believes regulatory compliance measures to comply with the Payment Card Industry Data Security Standard (PCI DSS), for example, are driving much of the growth of interest in tokenization as a service.

Much of the interest is attributed to regulatory compliance concerns and security buyers’ need to reduce costs in the area of log management, compliance reporting and security event monitoring. However, many customers in the enterprise segment will remain cautious about sending sensitive log information to cloud services, and this will continue to be an important aspect for security-as-a-service providers to address.

“The customer demand for a brokerage becomes apparent as organizations move more assets to the cloud and require multiple security services to span multiple clouds and/or mixtures of clouds and on-premises.”

Gartner is advising value-added resellers (VARs) to supplement product implementations with cloud-based alternatives that offer large customers reduced operational cost and thereby increase the likelihood of customer retention in this market segment.

Link: http://www.net-security.org/secworld.php?id=14748

“People are relying more and more on their mobile phones and tablets to navigate, share, socialize and shop in today’s constantly-connected world,” said Tamim Taufiq, head of consumer sales MENA for Symantec.

“What many consumers may not realise is exactly how much of their personal and private information is up for grabs should these devices be compromised, lost or stolen.”

Yet as people expand their online lives through mobile devices, many are not taking steps to secure their device and the content it contains.

Nearly one in four mobile device users in the MENA admit to not always downloading applications from trustworthy sources – Close to three in 10 (29 percent) indicated that they do not use secure payment methods when making purchases from their mobile device, leaving their sensitive information such as credit card details vulnerable.

Link: http://www.sify.com/news/mobile-users-in-middle-east-victims-of-cyber-crime-study-news-international-nehcuceehfb.html

When sending spear phishing emails, attackers opt for file names with common business terms to lure unsuspecting users into opening the malware and initiating the attack. These terms fall into three general categories: shipping and delivery, finance, and general business.

Instances of malware are uncovered that execute only when users move a mouse, a tactic which could dupe current sandbox detection systems since the malware doesn’t generate any activity.

By avoiding the more common .exe file type, attackers leverage DLL files to prolong infections. Ashar Aziz, FireEye founder and CTO said: “As cybercriminals invest more in advanced malware and innovations to better evade detection, enterprises must rethink their security infrastructure and reinforce their traditional defenses with a new layer of security that is able to detect these dynamic, unknown threats in real time.”

Link: http://www.net-security.org/malware_news.php?id=2455

After a wave of cyber attacks hit a Federal Reserve website, the New York Times and other news outlets, and U.S. banks, President Barack Obama issued an executive order in February to better protect businesses and critical assets, such as pipelines and power grids.

The SEC issued guidance in October 2011 telling companies to disclose cyber attacks or risks if that information is material, meaning it would affect an investor’s willingness to buy, hold, or sell the company’s stock.

“For the sake of investors, the SEC needs to figure out a way of enforcing the appropriate disclosure of material cyber attacks,” said Jacob Olcott, who led a congressional review as counsel to Senator Jay Rockefeller, a West Virginia Democrat, that resulted in the SEC guidance.

Cyber attacks are more likely to be material for some companies than others, Brian Lane, a former SEC corporation finance director, said in an interview.

Almost all of the top 100 U.S. companies by revenue said they rely on technology that may be vulnerable to security breaches, theft of proprietary data and disrupted operations, according to a review of their most recent annual reports.

ConocoPhillips, one of at least six major U.S. and European energy companies reported by Bloomberg to have been breached by China-based hackers beginning in 2009, said in its 2012 annual report no cyber breaches “had a material effect.”

Coca-Cola acknowledged its “information systems are a target of attacks,” in its 10-K and said the disruptions “to date have not had a material effect on our business, financial condition or results of operations.”

If a company doesn’t disclose an attack in an SEC filing that was reported in the news media, “don’t be surprised if we ask you to provide us with a materiality analysis,” Jim Lopez, an SEC branch chief for disclosure operations, said at a Washington conference in February.

While Verizon said in its 2012 10-K the cyber attacks it experienced haven’t been material, the company said the potential costs of a major assault include “expensive incentives” to keep customers, a jump in security spending, lost revenue and damage to the company’s reputation.

Link: http://www.bloomberg.com/news/2013-04-04/cyberattacks-abound-yet-companies-tell-sec-losses-are-few.html