One-Third of All Malware Can not be Detected by AV

New data from WatchGuard Technologies, a network security company, reveals that almost 0ne third of all malware attacks come through zero-day exploits.

First quarterly report on Internet security of WatchGuard covers related threat issues spanning from Q4 2016 and their consequences on business. Darkreading.com posted on 30th March 2017 stating that the data comes through Firebox Feed and anonymized data from more than 24,000 appliances of WatchGuard Unified Threat Management (UTM) throughout the world.

The study also disclosed a theme of previous threats that are becoming new yet again. The results first reveal that the macro-based malware are still very much prevalent. In spite of being an older trick, several attempts of spear-phishing still include the documents having malicious macros, and the attackers have also adapted their tricks for including the new document format of Microsoft. Secondly, the attackers are still using the malicious web shells for hijacking the web servers. The PHP shells are still alive and well, because the nation-state attackers are evolving this technique of old attacks with new obfuscation ways. There has been a growth in the malicious JavaScript in the 4rth quarter, both on the web and in email.

The research has discovered that the attackers are still using malicious web shells for hijacking the web servers, with the nation-state attackers are evolving the PHP shell attacks with new obfuscation techniques.

Backdoor shells or web shells are the malicious code pieces that are uploaded to the web servers, giving hackers a page from where they are able to access the file system of a web server for uploading as well as downloading files; or in few cases, even executing commands for gaining complete control of the server. In spite of their basic nature, the hackers continues to amend and improve on original PHP shells, and are still using them on the websites where they can gain access through the web application attacks.

The WatchGuard Threat Lab also started one ongoing research project, which analyses the IoT devices for the security flaws. The research that was highlighted in the report has evaluated fitness accessories, Wi-Fi cameras, and the novelty devices that are network-enabled. This also includes a thorough look on the vulnerabilities founded by Threat Lab in a rather well-known wireless IP camera, and the steps that should be taken by the consumers to safeguard the IoT devices which they purchase.

WatchGuard advises the organizations to replace the default credentials by a strong password, also protect the IoT devices with firewall, as well as scan network for the unauthorized IoT devices.

» SPAMfighter News - 4/5/2017