Cloud Hosting

Report finds macOS adware and 2017 Excel exploit running rampant and includes analysis of keylogger malware used in coronavirus-related phishing attacks.

24 March 2020 WatchGuard Technologies latest Internet Security Report shows that evasive malware has grown to record high levels, with over two-thirds of malware detected by its Firebox security appliances in Q4 2019 evading signature-based antivirus solutions. This is a dramatic increase from the year-long average of 35% for 2019 and points to the fact that obfuscated or evasive malware is becoming the rule, not the exception. Companies of all sizes need to deploy advanced anti-malware solutions that can detect and block these attacks.

In addition, WatchGuard found widespread phishing campaigns exploiting a Microsoft Excel vulnerability from 2017. This dropper exploit was number seven on WatchGuards top ten malware list and heavily targeted the UK, Germany and New Zealand. It downloads several other types of malware onto victims systems, including a keylogger named Agent Tesla that was used in phishing attacks in February 2020 that preyed on early fears of the coronavirus outbreak.

Our findings from Q4 2019 show that threat actors are always evolving their attack methods, said Corey Nachreiner, chief technology officer at WatchGuard. With over two-thirds of malware in the wild obfuscated to sneak past signature-based defenses, and innovations like Mac adware on the rise, businesses of all sizes need to invest in multiple layers of security. Advanced AI or behavioral-based anti-malware technology and robust phishing protection like DNS filtering will be especially crucial.

WatchGuards Internet Security Report prepares businesses, service providers and end users with the data, trends, research and best practices they need to defend against todays security threats. Other key findings from the Q4 2019 report include:

The findings included in WatchGuards Internet Security Report are drawn from anonymized Firebox Feed data from active WatchGuard UTM appliances whose owners have opted in to share data to support the Threat Labs research efforts. Today, over 40,000 appliances worldwide contribute threat intelligence data to the report. In Q4 2019, they blocked over 34,500,000 malware variants in total (859.5 samples per device) and approximately 1,879,000 network attacks (47 attacks per device).

The complete report also includes key defensive best practices that organizations of all sizes can use to protect themselves in todays threat landscape and a detailed analysis the MageCart JavaScript malware used in the Macys payment card data breach in October 2019.

For more information, download the full report on WatchGuard's website.

Link:
New Security Report from WatchGuard Shows Explosion in Evasive Malware - socPub