Category Archives: Malware

Malware-delivering cloud apps almost tripled in 2022

More than 400 distinct cloud applications delivered malware in 2022, nearly triple the amount seen in the prior year, according to research conducted by Netskope, a specialist in Secure Access Service Edge (SASE). The company’s researchers also found that 30% of all cloud malware downloads in 2022 originated from Microsoft OneDrive. Cloud apps are widely…

The post Malware-delivering cloud apps almost tripled in 2022 appeared first on Cloud Computing News.

How to protect your Mac from risks like ransomware and shadow IT

It is more important than ever to safeguard your digital assets from increasing risks and threats. Have you already heard of ransomware and shadow IT? Today, I would like to talk about these two serious risks and give you some tips to protect yourself from them. Let's start with ransomware which is one of the […]

The post How to protect your Mac from risks like ransomware and shadow IT appeared first on Parallels Blog.

Infoblox bolsters off-premise security capabilities

Infoblox has released its DNS Firewall as a service, extending its services to roaming devices off-premise, which will be available towards the end of 2016.

The new service will offer protection to customers roaming outside the corporate perimeter, as well as within, by offering a single pane of glass for protection from malware and cyberattacks. The cloud service works by providing actionable network intelligence to customers to strengthen their operational and security postures. It also delivers unified reporting and single-policy configuration, which Infoblox claims are capabilities not available through purely cloud-based DNS services.

“Enterprise networks do not have the luxury of being walled gardens any more, not with employees bringing their own devices and accessing data from everywhere,” said Scott Fulton, EVP of Products at Infoblox. “Infoblox DNS Firewall as a service helps our customers by providing the same industry leading protection for on- and off-premise devices, helping organisations to build enterprise networks that are more available, secure, and smart.”

The offerings capitalize on the threat intelligence technology which Infoblox acquired through buying IID in February 2016. IID was acquired for approximately $45 million as a means for Infoblox to increase its threat detection capabilities and to differentiate itself from other DDI vendors.

IID’s cloud-based platform for threat intelligence federation allows customers to share threat intelligence, which has been highlighted as another potential growth area for Infoblox, though this is a competitive marketplace already. Companies such as iSight already have a healthy presence in the threat intelligence market segment, though Infoblox does have a number of partnerships with these vendors, inherited through recent acquisitions, which the team does not expect to change moving forward.

Conficker is commonest criminal in the cloud says ThreatCloud report

Three families of malware account for 40% of all the crime on the cloud across the globe, according to a new report from security firm Check Point.

The company’s ThreatCloud report looked at statistics drawn from intelligence feeding in from Check Point’s global presence in October 2015. It identified more than 1,500 different malware families globally active in that month alone. The ThreatCloud World Cyber Threat Map uses software agents and monitors to track how and where cyberattacks are taking place worldwide in real time.

Three malware families, Conficker, Sality and Cutwail, accounted for 40% of all recorded attacks. The report also uncovered a new trend for criminals to try to assume control of networks by focusing on remote control of infected PCs. Increasingly, these are used to launch distributed denial of service (DDoS) and spamming campaigns against service providers.

Attacks on individuals also rose sharply, though these tended to be concentrated around malware families that are involved in ransomware scams. Identity theft and the stealing of users’ information also rose sharply. The use of kits, such as the Neutrino ransomware exploit kit and Fareit malware, which steals user information from web browsers and emails, increased dramatically. In one month this criminal modus operandi rose from being the 93rd most used scam to the 10th most common form of malware seen in October.

International organisations, such as cloud service operators, are most likely to be targeted by Conficker, which accounted for 20% of all attacks globally. The UK experienced a lower number of attacks than many European nations and was ranked 110th most vulnerable region out of 133 target countries globally. By comparison Germany ranked 93rd, Switzerland 89th, Spain 57th and France 54th. Italy is home to Europe’s most endangered cloud, being the 40th most likely country to house a victim of an attack.

It’s easy for hackers to make small changes to malware code to enable it to bypass conventional cloud defences, according to Check Point’s UK regional director Simon Moor. “Companies should consider deploying advanced technologies,” said Moor.

The ThreatCloud database holds over 250 million addresses analysed for bot discovery, over 11 million malware signatures and over 5.5 million infected websites.

Mandiant, Palo Alto Networks Partner for Malware Security

Mandiant has announced that it will team with Palo Alto Networks, a network security company, to integrate Palo Alto Networks’ firewalls and its WildFire malware prevention subscription with Mandiant’s recently announced product, Mandiant for Security Operations. Both companies will be presenting their solutions as participants at the RSA Conference 2013 in San Francisco from February 25th to 28th.

The joint solution from Palo Alto Networks and Mandiant provides a holistic approach to thwart advanced attackers by integrating malware detection and prevention capabilities on the network with the ability to resolve security incidents on endpoints. With this integration, Mandiant for Security Operations will automatically generate Indicators of Compromise (IOC) based on malware alerts generated by the Palo Alto Networks platform and identify which endpoints have been compromised. WildFire modern malware prevention service uses the inherent advantages of Palo Alto Networks next-generation firewalls to find new types of malware that have never been seen before across all applications – not just Web and email. To date, WildFire has discovered more than 70,000 new malware files that had not been identified by existing anti-malware solutions.

“Our mutual customers view this joint solution as a significant advantage to creating actionable insights to assess risk, prevent threats, and improve security,” said Chad Kinzelberg, senior vice president of business and corporate development, Palo Alto Networks. “We are also confident that this strategic partnership will continue to lead our industry in security intelligence for enterprise organizations.”

Mandiant for Security Operations is an appliance-based solution that utilizes a lightweight agent deployed on endpoints to enable security teams to confidently detect, analyze and resolve security incidents in a fraction of the time it takes using conventional approaches.

Palo Alto Networks offers a subscription service for WildFire, the company’s cloud-based modern malware prevention service. The WildFire service gives subscribers one-hour response times for the delivery of modern malware signatures, and integrated, on-box logging and reporting. The enhanced response time ensures that the damage caused by attackers using “zero-day” malware is mitigated for Palo Alto Networks customers.

“The tactics of targeted attackers and well-funded adversaries are constantly evolving,” said Mandiant’s Chief Technology Officer, Dave Merkel. “With the integration of the WildFire subscription malware detection service and Mandiant for Security Operations, security professionals will now be able to respond to threats faster and automatically investigate alerts from WildFire so they can confirm and resolve targeted attacks as they are unfolding.”

Let’s Hope Not: Least Favorite 2013 Prediction is “Hacking-as-a-Service”

Among all the pundit predictions for the coming year in cloud computing, the one that caught my eye was this one by BusinessInsider’s Julie Bort in an article entitled “5 Totally Odd Tech Predictions That Will Probably Come True Next Year”:

1. Bad guys start offering “hacking as a service”

Security company McAfee says that criminal hackers have begun to create invitation-only forums requiring registration fees. Next up, these forums could become some sort of black-market software-as-a-service. Pay a monthly fee and your malware is automatically updated to the latest attack. Don’t pay, and it would be a shame if something happened to your beautiful website …

HaaS? Let’s hope not.