Published By: Cylance
Published Date: Jul 02, 2018
The cyberattacks of 2017 proved more numerous, sophisticated, and ruthless than in years past. Threat actors, armed with knowledge stolen from the CIA and tools lifted from the NSA, demonstrated an elevated level of proficiency. WannaCry and NotPetya, two prominent threats from last year, successfully exploited these stolen assets in their assault on systems worldwide. As 2017 progressed, new opportunities developed in ransomware-as-a-service (RaaS), opening the gates of malware-for-profit to everyone. Advancements in fileless attacks provided new ways for threats to hide from once reliable detection methods. Malware features such as polymorphism continued to play a powerful role in evading traditional defenses. The victims of cybercrime ranged from private businesses to the fundamental practices of democracy. France and the United States saw significant data breaches during their recent presidential elections. Several high-profile companies lost their customers’ personally identifiable information to cyberattacks, blemishing their brands and costing them untold millions in recovery operations. This report contains an overview of the threat trends and malware families Cylance's customers faced in 2017. This information is shared with the goal of assisting security practitioners, researchers, and individuals in our collective battle against emerging and evolving cyberthreats.
Published By: Cylance
Published Date: Jul 02, 2018
Fileless attacks surged in 2017, largely due to their ability to bypass traditional antivirus solutions. Last year was host to several fileless malware victories. OceanLotus Group infiltrated Asian corporations during Operation Cobalt Kitty, and conducted nearly six months of fileless operations before detection. Ransomware hall-of-famers Petya and WannaCry both implemented fileless techniques in their kill chains. Every major player in information security agrees that fileless attacks are difficult to stop, and the threats are growing worse. Abandoning files is a logical and tactical response to traditional AV solutions which have overcommitted to file-intensive and signature-based blacklists. What can security solutions offer when there are no infected files to detect? How will a blacklist stop an aggressor that only uses legitimate system resources? The security landscape is changing and the divide between traditional AV products and next-generation security solutions is growing wider by the day. Cylance® has built a reputation on security driven by artificial intelligence and provides a frontline defense against fileless malware. This document details how Cylance protects organizations.
Published By: IBM APAC
Published Date: Aug 22, 2017
For any sized organization, securing data and networks today is a daunting task. New vulnerabilities are discovered almost daily; new malware strains are developed as soon as a detection script is written for the old ones; and cybercriminals can buy prepackaged exploit kits on the Darknet backed by professional support teams. As a security analyst, you need more than a few point solutions designed to defend the network’s edge. You need visibility, perspective and an innate sense of when things just don’t seem right.
A significant challenge for many organizations has been enabling their analysts to find the "unknown unknown." Whether that unknown is malware lurking within the enterprise or within slight variations in fraudulent transactions, the result has been the same: enterprises continue to fall victim to cybercrime.
IBM is addressing this challenge with IBM i2 Enterprise Insight Analysis. By pairing multi-dimensional visual analysis capabilities with powerful analytics tools, IBM is giving the analyst team an effective early-detection, cyberintelligence weapon for its arsenal.
The importance of IT security to a business has never been greater. But often, investments are shelved or cutbacks are made. This can result in businesses unknowingly making compromises regarding their IT security.
In this latest whitepaper from Kaspersky Lab, you’ll find useful facts, examples and business case arguments to help you get buy-in and commitment from your business.
The Dyre family of banking malware is back in the news after researchers recently observed that the malware incorporated tricks to avoid detection in malware sandboxes. Previously, Dyre was most notable for targeting high value bank accounts, including business accounts, and incorporating sophisticated social engineering components to overcome the 2-factor authentication used by most banks.
Published By: FireEye
Published Date: Mar 05, 2014
From sophisticated new forms of malware to nation-state sponsored attacks and the advanced persistent threat, cybersecurity incidents have evolved at a rapid pace and are taking down entire networks, successfully stealing sensitive data and costing organizations millions to remediate.
In this report, you'll receive a comprehensive overview of survey results and expert analysis on:
The top security threats for global organizations in 2013;
The largest gaps in organizations' detection and response to threats;
How these gaps will be filled in the coming year - new staff, tools or services;
What organizations must do to stay ahead of these advanced threats.
Juniper Networks hybrid cloud architecture enables enterprises to build secure, high performance environments across private and public cloud data centers. The easy-to-manage, scalable architecture keeps operational costs down, allowing users to do more with fewer resources. Security is optimized by the space-efficient Juniper Networks® SRX Series Services Gateways, which are next-generation firewalls (NGFWs) with fully integrated, cloud-informed threat intelligence that offers outstanding performance, scalability, and integrated security services. Designed for high-performance security environments and seamless integration of networking, along with advanced malware detection with Juniper Sky™ Advanced Threat Prevention (ATP), application visibility and control, and intrusion prevention on a single platform, the SRX Series firewalls are best suited for enterprise hybrid cloud deployments.
Malware detection and cloud services are two areas of continuing disparity among SWG vendors. Our market analysis of the vendors highlights key differences in these capabilities and other key functions.
This paper reports on the findings when testing McAfee's Risk Management solution from a holistic risk management and vulnerability life-cycle management perspective. Download this white paper to learn more.
When it comes to fighting modern malware, there is no “silver bullet” that can guard against every threat every time. That’s why McAfee takes a different approach. We combine multiple layers of advanced malware protection, detection, and correction technologies into a single endpoint defense fabric. To keep up with cyberthreat innovation, effective detection and analysis requires new state-of-the-art anti-malware technologies: Real Protect and Dynamic Application Containment, complemented by the McAfee® Advanced Threat Defense sandbox. Find out how these tools work together to systematically protect against the most dangerous malware threats.
Published By: MX Logic
Published Date: May 21, 2008
In this recent report, the Aberdeen Group’s research revealed that 100% of Best-in-Class companies consume some managed security services as part of their security strategy. The most widely deployed and easiest to implement managed security service is email security.
The status quo approach of collecting more logs from more sources won't help in detecting and responding to advanced threats. Logs are inherently limited in the level of security visibility that they provide. Consider a new way of looking at SIEM.
To develop the visibility, agility and speed to deal with advanced threats, security information and event management (SIEM) systems need to evolve into a central nervous system for large-scale security analytics.
Starting with a foundational set of data management and analytic capabilities enables organizations to effectively build and scale security management as the enterprise evolves to meet Big Data challenges.
This paper details why organizations need to shift more security resources from preventing intrusion toward rapid threat detection and remediation, and the intelligence-driven security approach that is required to do so.
Mid-size enterprises face the challenges of managing advanced threats plus staff and budget constraints. This on-demand webcast explains how RSA Security Analytics provides visibility, threat intelligence, and analytics – and how you can start small.