Enterprise Endpoint Security : 5 Warning Signs of a Possible Malware Breach

Malware has been around for decades, but the strains that current technology users face are considerably different from those seen years ago. According to industry research, a new malware specimen emerged every 4.6 seconds in 2016; in the first quarter of 2017, one emerged every 4.2 seconds. In 2014, when massive malware attacks like Heartbleed rocked the nation, nearly 1 million strains were released every day, according to CNN.

Attackers are working faster than companies can defend themselves, creating a significant problem in effectively detecting and preventing breaches. In fact, 70 percent of malware infections evade discovery by antivirus solutions, Tripwire reported. To make matters worse, of the 17,000 malware alerts the average enterprise receives per week, only 19 percent are considered reliable and 4 percent are investigated.

The more time it takes to identify and eliminate a malware threat, the more damaging and costly it will be. Let’s take a look at the five biggest warning signs that a malware attack has impacted your hardware:

1. Ransom Message

Ransomware is one of the most popular malware techniques used to attack business users. WannaCry and NotPetya were two in recent memory that impacted thousands of organizations across the world, causing many leaders to panic. While answers to both threats were eventually discovered, considerable damage was already done. Hackers are improving the packaging of their malware to appear legitimate and convince more people to download the malicious files.

A ransom is

Threat Focus : Why is the Blank Slate Malspam Still a Threat?

Organizations use email every day to send and receive information, track activities and handle other essential tasks. However, this communication method isn’t as safe as users might believe. Email is currently the number one delivery vehicle for malware, ransomware and other malicious breach techniques. Hackers can send out an infinite number of emails to a large number of people in the hopes that one will hit and be downloaded onto a company network.

Malware-laden emails, ads and websites are nothing new, but they are still persistent even among today’s modern strains. Blank Slate Malspam, for example, is still going strong, even though it should have been recognized and eradicated long ago. Let’s take a look at why Blank Slate Malspam continues to be a threat and what organizations can do to avoid similar risks.

The Journey of Blank Slate Malspam

Blank Slate Malspam has been active since 2016, and its techniques have proven successful in keeping it running. The phishing campaign is simple compared to others: It leaves the subject vague or empty, sends the body of the email blank and includes a zip archive of malicious attachments for users to download. It is geared toward infecting Microsoft Windows computers, using malware-laden Microsoft Word documents or JavaScript files.

Blank Slate Malspam emails have vague subjects and blank bodies.

More recent Blank Slate emails have come with a message warning that Microsoft has detected suspicious activity on their accounts, instructing

Incident Response Planning : The 7 Stages of Incident Response – Part 2

In the modern age of cybersecurity, more threats are evolving to subvert modern detection methods, making prevention a bigger focus than ever before. However, many organizations still don’t have a formal response plan to combat incidents and recover effectively.

We previously discussed the first main steps you’ll need in your incident response plan, including preparing for anything, identifying and reporting unusual behavior and containing the threat. While these are critical processes, your work doesn’t stop there. In this article, we will look at the remaining necessary steps to take in your incident response strategy to minimize damage and recover effectively.

4. Eliminate the Threat

Once you have the issue contained, it’s time to eradicate it from the affected systems. Your ultimate goal should be to bring the system back online with the confidence that the assets have been thoroughly cleaned and are ready for business use. A white paper from The SANS Institute suggested that teams continually document all of the actions taken during the eradication process. This will not only help determine the cost of man hours and other resources, but it will also ensure that the proper steps were followed to remove the issue.

Incident response teams must contain the threat and ensure the systems are clean.

Organizations can leverage immediate incident response measures to restore the system back to how it

Incident Response Planning : The 7 Stages of Incident Response – Part 1

Incident response plans will be integral to helping organizations manage the aftermath of a breach in a way that limits damage and reduces recovery time and costs. According to an FBI report, ransomware alone accounted for more than 4,000 attacks daily in 2016, a 300 percent increase over the previous year. Malware strains are continually evolving to subvert detection from traditional security measures, infect networks and compromise sensitive information. This shift and associated consequences show that businesses can no longer relax in the face of advancing cybersecurity risks.

However, a Ponemon Institute survey found that 75 percent of respondents don’t have a formal incident response strategy, and 66 percent aren’t prepared to recover from a cyber attack. In this two-part series, we will delve into the necessary stages of your incident response plan as well as how to implement it effectively within your organization to minimize the damages of a breach and reinforce business continuity efforts.

Prevention is now becoming just as important as threat detection.

1. Preparing for Anything

Creating an effective incident response plan will take considerable planning and preparation. This will arguably be the longest and most involved stage in the process, as you will need to work out how to identify the start of an incident, how to recover and how to establish preventive security measures, such as application control/whitelisting. CSO managing editor Ryan Francis noted that the incident response plan should lay out who should be notified when a breach

Faronics Tech Roundup – July in Review

Cyber threats never take a break, and July was no exception. Organizations and federal entities are doing more to help strengthen their security posture and prepare for the next wave of advanced attacks. Let’s take a look at some of the biggest events that happened this month in the realm of cyber security:

SMBs Increasingly Targeted

Small and medium-sized businesses often believe that they can afford to relax because there are bigger entities that hackers can go after. However, SMBs are being increasingly targeted for their general lack of security measures and availability of valuable information. The Zurich SME Risk Index recently revealed that 875,000 SMBs in the U.K. have fallen victim to online attacks within the past 12 months, The Scotsman reported. That means that one in six businesses is affected by cyber threats. To make matters worse, these events are costing victims considerable money to recover, but business leaders still aren’t committing to investing in cyber security in the coming year.

SMBs cannot afford to take a back seat when it comes to preventing cyber attacks. One breach can be enough for a business to lose customer trust, compromise sensitive data and pay significant money to recover. Even after restoring operations, it’s difficult for organizations to restore relationships with clients and undo reputational damage. As more SMBs around the world are targeted by hackers, it’s important for leaders to heed warnings provided by large attacks and expert advice.