Tag Archives: Adobe

WatchGuard report finds two-thirds of malware to be encrypted

WatchGuard Technologies’ latest Internet Security Report shows that 67% of all malware in Q1 2020 was delivered via encrypted HTTPS connections and that 72% of encrypted malware was classified as zero day, meaning that it would have evaded signature-based anti-virus protection.

These findings show that, without HTTPS inspection of encrypted traffic and advanced behaviour-based threat detection and response, organisations are missing up to two-thirds of incoming threats. The report also highlights the finding that the UK was a top target for cyber criminals in Q1, earning a spot in the Top Three countries for the five most widespread network attacks.

“Some organisations are reluctant to set up HTTPS inspection due to the extra work involved, but our threat data clearly shows that a majority of malware is delivered through encrypted connections and that letting traffic go uninspected is simply no longer an option,” said Corey Nachreiner, chief technology officer at WatchGuard. “As malware continues to become more advanced and evasive, the only reliable approach towards defence is implementing a set of layered security services, including advanced threat detection methods and HTTPS inspection.”

Key findings

Other key findings from WatchGuard’s latest Internet Security Report include:

Monero cryptominers surge in popularity: Five of the Top Ten domains distributing malware in Q1 (identified by WatchGuard’s DNS filtering service DNSWatch) either hosted or controlled Monero cryptominers. This sudden jump in cryptominer popularity could simply be due to its utility. Adding a cryptomining module to malware is an easy way for online criminals to generate passive income.

Flawed-Ammyy and Cryxos malware variants join top lists: The Cryxos trojan was third on WatchGuard’s Top Five encrypted malware list and also third on its Top Five most widespread malware detections list, primarily targeting Hong Kong. It’s delivered as an e-mail attachment disguised as an invoice and will ask the user to enter their e-mail and password, which it stores. Flawed-Ammyy is a support scam where the attacker uses the Ammyy Admin support software to gain remote access to the victim’s computer.

Three-year-old Adobe vulnerability appears in top network attacks: An Adobe Acrobat Reader exploit that was patched in August 2017 appeared in WatchGuard’s top network attacks list for the first time in Q1 of this year. This vulnerability resurfacing several years after being discovered and resolved illustrates the importance of regularly patching and updating systems.

Mapp Engage, AT&T and Bet365 targeted with spear phishing campaigns: Three new domains hosting phishing campaigns appeared on WatchGuard’s Top Ten list in Q1 2020. They impersonated digital marketing and analytics product Mapp Engage, online betting platform Bet365 (this campaign was in Chinese) and an AT&T login page (this campaign is no longer active at the time of the report’s publication).

COVID-19 impact: Q1 2020 was only the start of the massive changes to the cyber threat landscape brought on by the COVID-19 pandemic. Even in the first three months of 2020, WatchGuard still saw a massive rise in remote workers and attacks targeting individuals.

Malware hits and network attacks decline: Overall, there were 6.9% fewer malware hits and 11.6% fewer network attacks in Q1, despite a 9% increase in the number of Fireboxes contributing data. This could be attributed to fewer potential targets operating within the traditional network perimeter with worldwide work-from-home policies in full force during the COVID-19 pandemic.

Anonymised data

The findings in WatchGuard’s Internet Security Reports are drawn from anonymised Firebox Feed data from active WatchGuard appliances whose owners have opted in to share data to support the Threat Lab’s research efforts. Over 44,000 appliances worldwide contribute threat intelligence data to the report. In Q1 2020, they blocked over 32,148,519 malware variants in total (730 samples per device) and more than 1,660,000 network attacks (38 attacks per device).

The complete report includes key defensive Best Practices that organisations of all sizes can use to protect themselves in today’s threat landscape and a detailed analysis of how the COVID-19 pandemic and associated shift to working from home affected the cyber security landscape.

*To view the full report visit Internet Security Report for Q1 2020

Filed under Security Matters

Genetec introduces new subscription-based ownership model for Security Center

Genetec, a leading provider of open architecture, unified IP security solutions, has announced a new subscription model for its flagship unified security platform designated Genetec Security Center.

Security Center Subscription introduces new flexible ownership and payment options that allow customers to gain access to Security Center on a ‘pay-as-you-go’ basis. Subscribing customers receive the same local, on-premises version of Security Center and pay for it on a monthly or annual basis, as opposed to purchasing the entire system up front.

When purchasing on subscription, customers also benefit from the Genetec online support resources and qualified support professionals’ expertise either by phone or through live chat, as well as access to Security Center Cloud services with risk-free trials included in the price.

Security Center Subscription is available immediately through the new Genetec self-service portal.

Changing business model

A recent Gartner industry report noted that, by 2020, more than 80% of software vendors will change their business model from traditional license and maintenance to subscription, regardless of whether the software resides on-premises or in the cloud.

Along with the flexibility and affordability of a subscription model, the Gartner report finds that the value of short-term predictability trumps long-term costs, particularly when the ease of adding or relinquishing licenses is included in the picture.

The subscription model also moves the purchases from capital expenditure (CAPEX) to operational expenditure (OPEX). This enables customers who are looking to upgrade their systems to Security Center to do so from operational budgets allocated to their older, less capable security software.

“In the past few years, companies like Adobe, IBM, Oracle, Netflix and many other software companies have adopted flexible buying models with impressive success, offered as Technology-as-a-Service via the cloud or as a traditional on-premises installation with monthly or annual renewals,” said Andrew Elvish, vice-president of product management and marketing at Genetec.

“Genetec is leading the way in the physical security industry by offering customers an alternative ownership option for our successful video surveillance platform. Not only will customers enjoy the same fully-featured version of Security Center, but they will do so with lower up front expenditures, predictable recurring costs and access to the latest releases and Genetec support resources, all at no additional charge.”

Introducing Security Center Compact

As part of its new subscription model, Genetec is introducing Security Center Compact, a new entry-level edition of Security Center.

Only available through subscription, Security Center Compact supports up to 25 cameras and provides an easy ‘no training required’ option for customers with basic video management requirements.

A good fit for smaller sites, Security Center Compact systems can also be linked to larger systems through the Genetec Federation feature, allowing for centralised monitoring (as seen with city-wide surveillance and multi-site businesses or campuses).

The Compact edition features all of the camera integrations available in the enterprise edition of the software such that customers can choose the vendors they want to work with and design a system that best suits their business.

In addition to providing smaller site video surveillance, Security Center Compact offers a clear path as an organisation’s security needs evolve over time. Security Center Compact end users can simply update their subscription and purchase a higher edition of Security Center as their system grows, in turn avoiding the need to install and/or re-deploy new system software.

Introductory 90-Day Trial for Compact Edition

Beginning this month, Genetec-certified channel partners can sign up for a 90-day trial of Security Center Compact. To take advantage of this limited-time promotion, channel partners should visit the Genetec Channel Partner Portal for an instant download.

*For more information about Genetec Security Center Subscription and Genetec Security Center Compact visit: http://www.genetec.com/subscribe

Filed under Risk UK News, Uncategorized