GoDubai
  
  
  
  
Citylife > Press Release
  Home Contact us Add to Favourites
Most Recent Postings
More Press Releses
Featured Sections

Event Finder
A daily roundup of exhibitions, promotions and other events in Dubai and the rest of the Emirates.
Submit an Event
Latest Dubai Press Releases >>

 
  Share

Fortinet Threat Landscape Index Hits Highest Point to Date, Demonstrating Continued Increase In Cyberattacks

Dubai, UAE. – August 18, 2019
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated, and automated cybersecurity solutions, today announced the findings of its latest quarterly Global Threat Landscape Report.

The research reveals that cybercriminals continue to look for new attack opportunities throughout the digital attack surfaceand are leveraging evasion as well as anti-analysis techniques as they become more sophisticated in their attempts.
The Threat Landscape Index crossed a milestone this quarter. It is up nearly 4% from its original opening position year-over-year. The high point during that year-long timeframe is the peak and closing point of Q2 CY2019. The upsurge was driven by increased malware and exploit activity.
For a detailed view of the Threat Landscape Index and subindices for exploits, malware, and botnets,as well as some important takeaways for CISOs read theblog.

“The ever-widening breadth and sophistication of cyber adversaries' attack methods is an important reminder of how they areattempting to leverage speed and connectivity to their advantage”, said Phil Quade, Chief Information Security Officer, Fortinet. “Therefore, it is important for defenders to do the same and to relentlesslyprioritize these important cybersecurity fundamentals, to position organizationsto better manage and mitigate cyber risks. A security fabric approach across every security element that embraces segmentation and integration, actionable threat intelligence, and automation combined with machine learning is essential to enable these fundamentals to bear fruit.”

Highlights of the report follow.

Upping the Ante on Evasion Tactics

Many modern malware tools already incorporate features for evading antivirus or other threat detection measures, but cyber adversaries are becoming more sophisticated in their obfuscation and anti-analysis practices to avoid detection.

For example, a spam campaigndemonstrates how adversaries are using and tweaking these techniques against defenders. The campaign involves the use of a phishing email with an attachment that turned out to be a weaponized Excel document with a malicious macro. The macro has attributes designed to disable security tools, execute commands arbitrarily, cause memory problems, and ensure that it only runs on Japanese systems. One property that it looks for in particular, an xlDate variable, seems to be undocumented.

Another example involves a variant of the Dridexbanking trojanwhich changes the names and hashes of files each time the victim logs in, making it difficult to spot the malware on infected host systems.

The growing use of anti-analysis and broader evasion tactics is a reminder of the need for multi-layered defenses and behavior-based threat detection.

Under the Radar Attacks Aim for the Long-haul 

The Zegostinfostealer malware, is the cornerstone of a spear phishing campaignand contains intriguing techniques. Like other infostealers, the main objective of Zegost is to gather information about the victim's device and exfiltrate it. Yet, when compared to other infostealers, Zegost is uniquely configured to stay under the radar. For example, Zegost includes functionality designed to clear event logs. This type of cleanup is not seen in typical malware. Another interesting development in Zegost's evasion capabilities is a command that kept the infostealer “in stasis” until after February 14, 2019, after which it began its infection routine.

The threat actors behind Zegostutilize an arsenal of exploits to ensure they establish and maintain a connection to targeted victims, making it far more of a long term threat compared to its contemporaries.

Ransomware Continues to Trend to More Targeted Attacks

The attacks on multiple cities, local governments, and education systems serve as a reminder that ransomware is not going away, but instead continues to pose a serious threat for many organizations going forward. Ransomware attacks continueto move away from mass-volume, opportunistic attacks to more targeted attacks on organizations, which are perceived as having either the ability or the incentive to pay ransoms. In some instances, cybercriminals have conducted considerable reconnaissance before deploying their ransomware on carefully selected systems to maximize opportunity.

For example, RobbinHoodransomware is designed to attack an organization's network infrastructure and is capable of disabling Windows services that prevent data encryption and to disconnect from shared drives.

Another newer ransomware called Sodinokibi,could become another threat for organizations. Functionally, it is not very different from a majority of ransomware tools in the wild. It is troublesome because of the attack vector, which exploits a newer vulnerability that allows for arbitrary code execution and does not need any user interaction like other ransomware being delivered by phishing email.

Regardless of the vector, ransomware continues to pose a serious threat for organizations going forward, serving as a reminder of the importance of prioritizing patching and infosecurity awareness education. In addition, Remote Desktop Protocol (RDP) vulnerabilities, such as BlueKeep are a warning that remote access services can be opportunities for cybercriminals and that they can also be used as an attack vector to spread ransomware.

New Opportunities in the Digital Attack Surface

Between the home printer and critical infrastructure is a growing line of control systems for residential and small business use. These smart systems garner comparably less attention from attackers than their industrial counterparts, but that may be changing based on increased activity observed targeting these control devicessuch as environmental controls, security cameras, and safety systems. A signature related to building management solutions was found to be triggered in 1% of organizations, which may not seem like much, but it is higher than typically seen for ICS or SCADA products.  

Cybercriminals are searching for new opportunities to commandeer control devices in homes and businesses. Sometimes these types of devices are not as prioritized as others or are outside the scope of traditional IT management. The security of smart residential and small business systems deserves elevated attention especially since access could have serious safety ramifications. This is especially relevant for remote work environments where secure access is important.

How to Protect Your Organization: Broad, Integrated, and Automated Security

Threat intelligence that is dynamic, proactive, and available in real-time can help identify trends showing the evolution of attack methods targeting the digital attack surface and to pinpoint cyber hygiene priorities. The value and ability to take action on threat intelligence is severely diminished if it cannot be actionable in real-time across each security device. Only a security fabric that is broad, integrated, and automated can provide protectionfor the entire networked environment, from IoT to the edge, network core and to multi-clouds at speed and scale.

Report and Index Overview
The latest Fortinet Threat Landscape Report is a quarterly view that represents the collective intelligence of FortiGuard Labs, drawn from Fortinet's vast array of global sensorsduring Q2 2019. Research data covers global and regional perspectives. Also included in the report is the Fortinet Threat Landscape Index (TLI), comprised of individual indices for three central and complementary aspects of that landscape which are exploits, malware, and botnets, showing prevalence and volume in a given quarter.



Posted by : GoDubai Editorial Team
Viewed 3555 times
Posted on : Sunday, August 18, 2019  
Replication or redistribution in whole or in part is expressly prohibited without the prior written consent of GoDubai.com.
Previous Story : Epson announces its first 24-inch dye sublimation printer, the SureColor SC-F500
Next Story : HID's Risk Management Solution as Threat and Fraud Detection for Financial Institutions
Email this article Print this article

Share this article with your friends and followers
NewsVine

Comments

Back to Top  
Most Viewed Press Release posted in the last 7 days
Eid Gifts From The Body Shop
UAE Banks Among Top Performing in GCC, KPMG Report Finds
Made in Italy, ICSA® Issues a Notification of Counterfeit Products Found in the ...
First Range Rover Made Under Social Distancing Measures Comes Off Jaguar Land R...
Introducing the Marks & Spencer Summer Edit
Ralph Lauren: How to master the art of tie-dye. #RLatHome
HONOR MagicBook Series is Perfect for Fashion Forward, Design Conscious Individu...
Emirates Sets Industry-leading Safety Standard for Customers Travelling as It Re...
OMEGA Adds Full Gold Models to The Speedmaster 38 mm Collection
Dubai Customs and Omani Counterpart Discuss Post-Covid19 Era
UAE Develops a Rapid Coronavirus Laser Testing Technology
The Heart of Europe Takes Shape as the Ultimate Sustainable Island Tourism Desti...
VFS Global Joins Nation's Biggest Community Campaign; Donates to the 10 Million ...
Mubadala Supports the Fight Against COVID-19 by Leveraging Its Assets' World-Cla...
Union Coop Al Barsha – 3 Commercial Center 40% Complete
Trina Solar Publishes Its Vertex Module Technology White Paper, Unveiling a Bran...
Aster DM Healthcare Launches ‘Our New Earth' Microsite to Coach People to Transi...
Vatika Launches Natural Hair Food, an Effective Solution for Dry Hair
INFINITI of Arabian Automobiles Launches Exclusive Eid Rewards Campaign
Samsung Brings Unparalleled Offers to Tech Enthusiasts This Eid
Renault of Arabian Automobiles brings you Trade-In Super Sale for Eid
IATA COVID-19 Middle East and Africa Update Today at 12 PM
Special Edition Jaguar XE, XF & Range Rover Vogue Vehicles Arrive in UAE
The Best Omega Sunglasses For a Long-Awaited Summer
SALAMA Announces AED 13.65 Million Profit for Q1 2020
Celebrate EID with Special Offers on HONOR Smartphones
DFDC, FDF Hold Joint Webinar on Managing Stress and Anxiety Amid COVID-19
LG to Further Diversify TV Production
SITA Steps Up Development of a Self-sovereign Identity for Air Travel
Innovating to Fight COVID-19: Four Ways Drones are Contributing
du Keeps Loved Ones and Families Connected During Eid Al Fitr With World Calling Pack
Al Tayer Motors and Premier Motors Honour UAE's COVID-19 Frontline Heroes
Ericsson's USA 5G Factory: Staffed by Professionals – Trained by VR
Sony Middle East and Africa and Gearbox team up to offer rental services of late...
Airline Debt to Balloon by 28%
80th Anniversary of Maserati's Targa Florio Victory Maserati Tests an Mc20 Proto...
Foreo Reveals 5 Ways to De-Stress Your Skin
Tips for Keeping Your Smartphone Clean
ATM Virtual to Focus on Potential Chinese Outbound Travel Market
Danube Group Chairman Files Case With Dubai Police Against Scam Star for Faking ...
Kingston Technology Ships 7.68TB Capacity for Industry-Leading High-Performance ...
Al Majid Motors Announces the Arrival of All-New Kia K5 Fastback Sedan in the UAE
GEMS Innovation Awards 2020 Recognise Young Innovators after Virtual Showdown
Glaucoma: Symptoms and Treatment
Ethical JLT Salon THT is Supporting those whose Jobs have been affected during ...
Former UNWTO Secretary-General to speak at ATM Virtual
Al-Futtaim Technologies Implements Genesys Remote Working Solutions to Ensure Bu...
How Do You Rely on Your Smartphone in the UAE During the New Normal?
Karl Lagereld Drives Digital Innovation With Launch of the “Maison Karl Lagerfe...
WTTC Launches Safe Travels Protocols for Aviation, Airports, MICE and Tour Operators