[metaslider id=2951] … Read More
A New Age of Malware – Cryptocurrency Mining
Cryptocurrencies continue to make headlines, and generally for all the wrong reasons. As cryptocurrency continues to fluctuate in value, we are seeing a plethora of new cryptocurrency malware emerging. This is reflective of the evolution of modern malware, with variants attacking computer systems globally, hijacking them to mine cryptocurrencies and capitalizing on the victim’s resources. Crypto-malware is literally making money.
It is no surprise that crypto-malware has been proliferating, as digital currencies provide a level of anonymity and are rather profitable. It is, however, probably the worst of all malware. This new age of crypto-jacking malware simply uses the end user’s device to mine cryptocurrency when they visit an infected site. Therefore, it is always recommended to opt for a secure digital currency platform like Coin Cloud, for example, to carry out the transactions and mining.
More websites are adopting cryptocurrency mining through visitors instead of running ads to fund their businesses. Recently, the popular torrent site The Pirate Bay ran a bitcoin-miner as an alternative to ads to generate funds for the business. This new income-generating scheme caused users’ central processing units (CPUs) and electricity usage to skyrocket while degrading the performance of their devices. Coincidentally, advertising revenue is dropping significantly.
Mining 101
If you have not heard of bitcoin, then you must be living under a rock. Undoubtedly the most famous cryptocurrency, it is generated by “mining.” By mining, I mean a computationally intensive task that utilizes a lot of energy and processing power for verifying transactions. Successful miners are rewarded with a “coin,” which is added to a digital wallet — or, in the case of crypto jacking, to the digital wallet belonging to the hackers. For the first time, malware can directly “print money” for criminals.
On its own, a personal computer would not be powerful enough to profitably mine cryptocurrencies — the operative word being “profitably.” Mining done properly requires specialized rigs composed of specialized hardware and lots of electricity. Note that there are different cryptocurrency algorithms, some of which are more intense and require more computing power than others.
Have a question on how to protect you networks – Contact us.
Sophos #1 in Exploit Protection
Sophos blocked 34 out of 35 exploits tested, while the next highest score was 22 out of 35.
Exploits are the techniques that attackers use to gain access and control of computers. Common bugs and vulnerabilities found in popular, legitimate software can be leveraged as exploits to steal data, hold files for ransom, perform reconnaissance, or simply to deploy malware.
Attackers rely on exploits the same way video game characters rely on their weapons toolkits: without them, it would be like going into battle unarmed. And despite being extremely popular for attackers, many defenses remain vulnerable to exploits, since the software often being exploited – Microsoft Office, Adobe Reader, and the like – is generally considered “safe” by security products.
This would seem to make exploit testing a no-brainer for vendor comparison services. The problem, however, is that due to the constantly evolving nature of software vulnerabilities, exploit-based attacks are some of the most difficult scenarios to test.
Fortunately, MRG Effitas managed to develop reliable and repeatable exploit testing scenarios and has recently released its “Exploit and Post-Exploit Protection Test” report. Commissioned by Sophos, this report compares the exploit-stopping abilities of nine different endpoint products.
As you can see in the chart below, Sophos far outperformed other vendors at stopping exploits: Level 1 means that the product blocked the exploit, and Level 2 means that the exploit was missed but the attack was stopped via other methods.
Sophos blocked 34 out of 35 exploits tested, while the next highest score was 22 out of 35. In fact, most vendors weren’t even able to stop half of the exploits that Sophos was able to stop.
This test was a follow-up to MRG’s previous report on malware protection. In that commissioned report, Sophos ranked #1 for both malware protection and potentially unwanted application (PUA) protection.
To summarize the test results from the two MRG Effitas reports:
- Sophos ranks #1 in exploit prevention
- Sophos ranks #1 in malware protection
- Sophos ranks #1 in potentially unwanted application prevention
Contact us for more information on the Sophos Endpoint, or you can watch one of the on-demand webinars on Sophos discussing the deep learning in the Endpoint, CryptoJacking and more –
According to ISACA – Cyber Threats Up but no increase in Ransomware
Ransomware attacks are significantly declining despite an increase in cyberattacks generally, according to the global IT association ISACA.
Written by Peter Dinham – ITWire
In its State of Cybersecurity 2018 research study just released, ISACA reveals that last year, 62% of respondents experienced a ransomware attack, compared to 45% this year — a 17-point drop.
According to ISACA, the drop in ransomware attacks is likely because organisations are significantly better prepared after last year’s WannaCry and NotPetya attacks, with 82% of respondents saying that their enterprises now have ransomware strategies in place. In addition, 78% said they have a formal process in place— up 25-points from last year.
“While these findings are positive, the data show that ransomware attacks may have been displaced by cryptocurrency mining, which is becoming more frequent,” said ISACA.
“Cryptocurrency mining malware can operate without direct access to the file system, making them harder to detect—and as the prices of cryptocurrencies increase, the economics of cryptocurrency mining malware becomes better for the attacker.
“Additionally, the three most common attack vectors remain unchanged from last year – phishing, malware and social engineering.”
The research also shows that 50% of the 2,366 security leaders surveyed have seen an increase in cyberattack volumes relative to last year and, in addition, 80% of respondents said they are likely, or very likely, to be attacked this year — a statistic that ISACA says remains unchanged from last year’s study.
According to ISACA, active defence strategies are highly effective, but underutilised.
The research also found that nearly 4 out of 10 respondents (39%) are not at all familiar or only slightly familiar with active defence strategies (e.g., honeypots and sinkholes), and of those who are familiar with active defence strategies, just over half are actually using them.
“This is a missed opportunity for security leaders and their organisations,” said Frank Downs, director of cybersecurity at ISACA.
“ISACA’s research indicates that active defence strategies are one of the most effective countermeasures to cyberattacks. A full 87% of those who use them indicate that they were successful.”
The ISACA report suggests enterprises must be better prepared with focused attention on several areas, and makes several recommendations, including:
- Investing in talent—With attacks still on the rise, enterprises must continue to invest in finding, retaining and training skilled cyber security professionals
- Exploring further automation benefits—Enterprises should consider automation-driven strategies and tools for detection and to support recovery and response efforts
- Ensuring appropriate investment in security controls—With attack vectors (phishing, malware and social engineering) minimally changing, existing control types are still valid and useful. Enterprise investment and attention to security controls should increase in line with the frequency of these attack vectors.
The Anatomy of a Hack
Sophos Cybersecurity Advisor James Lyne appeared on NBC recently, where he talked about the state of cybersecurity and what we can all do to protect ourselves and our information. It’s an important, realistic look at the state of our data, and what we can do to stay ahead of the bad guys.
Take a moment to scan the results of this survey of 2,700 industry pros to learn more about how to protect your business. – Survey Results
Learn more about protecting your business from Ransomware and other never-before-seen threats before they disrupt your business and impact your bottom line – Check out Sophos’ Whitepaper on Exploits Interrupted.
If you have questions on any of the Sophos Products or how to ensure your employees do not inadvertantly open an email with malicious content – contact us at sales@symtrex.com, by phone 866-431-8972, or use the chat window.
KnowBe4 Adds ThinkHR Training Modules
KnowBe4’s scope of training materials expanded beyond security awareness to address HR concerns
KnowBe4, providers of the world’s largest security awareness training and simulated phishing platform, today announced that it has added new training modules from ThinkHR to its arsenal of training materials.
ThinkHR combines live human resources with innovative online technology to deliver trusted knowledge solutions that enable organizations to thrive. Their industry-leading HR knowledge products help their partners strengthen their client relationships and win more business. HR professionals use ThinkHR’s tools to be more effective in their roles, while business and risk 
managers leverage its industry-leading team of HR advisors for compliance and risk guidance. And, all employers benefit from their HR compliance tools while building a positive and productive workplace.
“We’re constantly looking for new and exciting ways to freshen up our training content modules,” said Stu Sjouwerman, CEO, KnowBe4. “ThinkHR brings KnowBe4 into an entirely new training arena for the company – the HR space. We’re pleased to be able to offer this new, innovative content to our customers.”
“We’re excited KnowBe4 selected our award-winning training content as the next big addition to their security platform,” said Doug Doyle, CMO at ThinkHR. “Well-trained employees are a company’s most powerful firewall. Our mutual commitment to combining the best of SaaS technology and human expertise is the basis for this valuable partnership.”
The content is centered around HR compliance issues such as FERPA, harassment training, physical security, and managerial training with most modules running between thirty and sixty minutes each. The training will be available in the KnowBe4 “Mod Store” for its Diamond Level customers.