The very latest cyber threat intelligence for May 2018 depicts increases in a number of attack areas, particularly when comparing against 2017 cyber threat data. Through May 2018, the SonicWall Capture Labs threat researches have recorded: Global Cyberattacks — May 2018 2 million malware attacks (64 percent year-over-year increase) 9 million ransomware attacks (78 percent year-over-year increase) 238,828 encrypted threats (142 percent year-over-year increase) Global Cyberattacks — Year to Date 5 billion malware attacks (128 percent increase ) 2 million ransomware attacks (299 percent increase) 2 million encrypted threats (283 percent increase) To put these numbers in a more practical light, it’s helpful to break them down by customer.
Every year, RSA Conference 2018 is a fast-paced, high-energy gathering for cyber security discussion, networking, innovation and learning for attendees, panelists, speakers and exhibitors alike. It’s almost impossible to see and hear all the show has to offer. To help, we’ve collected all the interesting events and news from the week.
Endpoint protection has been a cyber security standard for years. But during RSA Conference 2018 at the Moscone Center, it’s clear that it remains a core security challenge for many organizations. Likewise, many cyber security vendors are offering new and better ways to protect end points. While technology for machine learning, artificial intelligence, cloud and application security all still had their place in the RSA speaking sessions, a new era of endpoint protection that’s connected, transparent and easy to manage was on display.
RSA Conference 2018 is a flurry of lights, sounds and information. It’s easy to get lost in the buzz and miss what you really want to see. In case you fall into this category — or weren’t able to make the trip to San Francisco at all — we streamed an entire presentation from SonicWall malware expert Brook Chelmo live on Facebook.
Fresh off of April’s massive SonicWall Capture Cloud Platform launch, SonicWall has been featured in a pair of CRN articles highlighting the hottest products at RSA Conference 2018. The SonicWall Capture Cloud Platform is lauded in CRN’s “10 Hot New Cloud Security Products Announced at RSA 2018” listing. CRN recaps the platform’s ability to integrate security, management, analytics and real-time threat intelligence across SonicWall’s portfolio of network, email, mobile and cloud security products.
In 2017, SonicWall Capture Labs discovered 56 million new forms of malware from across the globe. Threat actors are constantly creating updates to known versions of malware to get past defenses that rely on identifying malware (i.e., signatures). The forms of security that stop malware and ransomware based on signatures are only effective if they can identify the strain.
To proactively protect networks and data in today’s fast-moving cyber arms race, organizations must be able to collect, analyze and apply threat intelligence to make smart and agile security decisions. For some organizations, this is part of everyday life — even if it’s still increasingly difficult. For others, it’s just not possible based on company size, expertise, budget or any number of challenging factors.
As we know, email is the most popular attack vector used by threat actors to carry out targeted cyber attacks. In fact, more than 90 percent of cyber attacks start with a phishing email campaign. It is the easiest way for a cyber criminal to enter a network and execute tactics to accomplish an objective — be it data exfiltration, delivering a malicious payload or phishing for credentials.
One of the key characteristics of advanced malware is the use of many tactics to evade detection. In addition to defeating signature-based detection products and behavior-based detection tools, there are hundreds of evasion techniques advanced malware uses to avoid detection. Moreover, a malware object will typically deploy multiple tactics. While there are hundreds of specific tactics to evade detection, they fall into six key categories.
Malware often incorporates advanced techniques to evade analysis and discovery by firewalls and sandboxes. When malware sees evidence that dynamic analysis is occurring, it can invoke different techniques to evade analysis, such as mimicking the behavior of harmless files that are typically ignored by threat detection systems. Traditional sandboxing approaches that signal their own presence — for example, by instrumenting underlying virtual machines (VM) to intercept malicious function calls — make the analysis environment visible.