October 23, 2018 - Copywriting - ComputedWorld
O Internet Security Report, report from Watchguard, investigated the latest threats to safety affecting small and medium-sized enterprises (SMEs) during the second quarter of 2018.
According to the survey, 76% of threats in the period were web-based, suggesting that organizations need an HTTP and HTTPS inspection mechanism to prevent the vast majority of attacks. Ranked as the fourth most prevalent web attack in particular, “WEB Brute Force Login -1.1021” allows attackers to perform a huge number of login attempts against web applications, taking advantage of an endless series of random combinations to crack user passwords into one. short period. This particular attack is another example of cybercriminals' heightened focus on credential theft.
Mimikatz was the most prevalent malware
Representing 27.2% of the top ten malware variants listed last quarter, Mimikatz is a well-known password and credential thief that has been popular in recent quarters but has never been among the top threats. This increase in the Mimikatz domain suggests that authentication and credential theft attacks are still top priorities for cybercriminals - another indicator that passwords alone no longer serve as security controls and should be reinforced with MFA services that make it difficult to crack. hacker's life.
Cryptocurrency Miners Gain Space
Malicious miners continue to grow in popularity as a hacking tactic, appearing for the first time on the top 10 malware list in the second quarter. Last quarter, WatchGuard named its first cryptocurrency miner, Cryptominer.AY, which corresponds to a JavaScript cryptocurrency miner called “Coinhive,” and uses its victims' computing resources to exploit the popular privacy-focused cryptocurrency. , to Monero (XRM). Data show that victims in the United States were the main geographic target, receiving approximately 75% of the total volume of attacks.
Malicious Office Documents
Criminals continue to exploit old vulnerabilities in the popular Microsoft product. Interestingly, three new Office malware exploits entered the WatchGuard top 10, and 75% of these attacks targeted victims in the EMEA region, with a heavy focus on users in Germany specifically.
About [SAFEWAY]
THE [SAFEWAY] is a widely recognized company as a provider of premium information security and cybersecurity solutions. From its extensive portfolio, we highlight several solutions, including those based on platforms:
- Archer da RSA Security, considered by the institutes Gartnerand Forrester and by the market itself, the most complete process integration solution for Governance, Risk Management, Compliance and Business Continuity Management;
- [SAFEWAY]Security Tower, supported by IBM Qradar (Watson technology), tailored to each organization in its security and cyber defense management needs.
- And others, involving technologies Imperva, Thales, BeyondTrust, Manly, WatchGuard Technologies
