Thursday 28 August 2014

Cisco’s Midyear Security Report Warns of Lower-Profile Threats



Cisco released its 2014 Midyear Security Report at Black Hat USA. The report analyzes the weaknesses of organizations and the threat landscape, including obsolete software, poorly written code, abandoned digital properties and user errors. These vulnerabilities enable exploitation through methods such as DNS queries, exploit kits and amplification attacks, among other examples.

The report examines threat intelligence and cyber security trends for the first half of 2014, drawing on observations from 16 large multinational organizations with more than $4 billion in assets and revenues of more than $300 billion. The big takeaway is that companies must not focus only on high-profile vulnerabilities while neglecting the rest; they need to tie up loose ends across the entire IT platform.

Focusing on highly publicized weaknesses such as Heartbleed allows malicious actors to escape detection by attacking low-profile legacy applications and infrastructure that still carry known weaknesses. Java remains the programming language most exploited by malicious actors: Java exploits rose to 93 percent of all indicators of compromise (IOCs) in May 2014, compared to 91 percent in November 2013.

The report notes unusual levels of malware across vertical markets. For the first half of 2014, media and publishing led the industry verticals, followed by pharmaceuticals and chemicals, and aviation. The vertical markets most affected by region were media and publishing in the Americas, food and beverage in EMEA, and insurance in Asia-Pacific, China, Japan and India. The report names three main security insights tying enterprises to malicious traffic:

  • Man-in-the-browser attacks: Nearly 94 percent of customer networks observed in 2014 had traffic going to websites hosting malware. These networks issued DNS requests for hostnames whose resolved IP addresses are reported to be associated with the distribution of the Palevo, SpyEye and Zeus malware families, all of which incorporate man-in-the-browser (MiTB) functionality.
  • Botnet hide and seek: Nearly 70 percent of networks issued DNS queries for dynamic DNS domains. This is evidence of networks being misused or compromised by botnets that use DDNS to change IP addresses and avoid detection and blacklisting. Few legitimate outbound connection attempts from enterprises would seek dynamic DNS domains outside of malicious intent.
  • Encrypting stolen data: Nearly 44 percent of observed customer networks in 2014 were identified as issuing DNS requests for sites and domains that provide encrypted channel services such as VPN, SSH, SFTP, FTP and FTPS. Malicious actors use these to cover their tracks, exfiltrating data over encrypted channels to avoid detection.
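As an added example (not part of Cisco's report or this post), the script below applies the three DNS-based indicators above to a few constructed DNS query log lines and reports, per category, the share of observed networks with at least one hit, the same metric the report uses. The indicator lists, domain names and log format are hypothetical placeholders.

```python
import re
from collections import Counter
from typing import Dict, Iterable, List

# Constructed placeholder indicator lists; in practice they come from threat-intel feeds.
MALWARE_DIST_IPS = {"203.0.113.10", "198.51.100.7"}            # resolved IPs reported as MiTB malware distribution
DYNAMIC_DNS_SUFFIXES = ("dyndns.example", "no-ip.example")     # hypothetical DDNS provider zones
ENCRYPTED_CHANNEL_SUFFIXES = ("vpn-provider.example", "sftp-drop.example")  # hypothetical VPN/SFTP services

CATEGORIES = ("mitb_malware", "dynamic_dns", "encrypted_channel")
# Hypothetical log format: "<timestamp> <network-id> query <qname> -> <answer>"
LINE_RE = re.compile(r"^(?P<ts>\S+) (?P<client>\S+) query (?P<qname>\S+) -> (?P<answer>\S+)$")

def _under(qname: str, suffixes) -> bool:
    """True when qname is one of the suffix zones or a subdomain of it (label-boundary aware)."""
    q = qname.lower().rstrip(".")
    return any(q == s or q.endswith("." + s) for s in suffixes)

def classify(qname: str, answer: str) -> List[str]:
    """Map one DNS query to the report's three indicator categories (may match several or none)."""
    hits = []
    if answer in MALWARE_DIST_IPS:
        hits.append("mitb_malware")
    if _under(qname, DYNAMIC_DNS_SUFFIXES):
        hits.append("dynamic_dns")
    if _under(qname, ENCRYPTED_CHANNEL_SUFFIXES):
        hits.append("encrypted_channel")
    return hits

def analyze(lines: Iterable[str]) -> Dict[str, Counter]:
    """Per network, count flagged queries per category; unparseable lines are skipped."""
    per_network: Dict[str, Counter] = {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        counts = per_network.setdefault(m["client"], Counter())  # every network is counted, hit or not
        for cat in classify(m["qname"], m["answer"]):
            counts[cat] += 1
    return per_network

def share_of_networks(per_network: Dict[str, Counter]) -> Dict[str, float]:
    """Percent of observed networks with at least one hit per category."""
    total = len(per_network)
    return {c: (round(100.0 * sum(1 for n in per_network.values() if n[c]) / total, 1) if total else 0.0)
            for c in CATEGORIES}

SAMPLE_LOG = """\
2014-06-01T10:00:01Z net-a query www.example.org -> 93.184.216.34
2014-06-01T10:00:02Z net-a query update.host1.dyndns.example -> 192.0.2.5
2014-06-01T10:00:03Z net-b query cdn.somebank.example -> 203.0.113.10
2014-06-01T10:00:04Z net-b query gw.vpn-provider.example -> 192.0.2.9
2014-06-01T10:00:05Z net-c query mail.example.net -> 192.0.2.20
2014-06-01T10:00:06Z net-c query bad-thing -> NXDOMAIN""".splitlines()  # constructed sample lines

if __name__ == "__main__":
    print(share_of_networks(analyze(SAMPLE_LOG)))
```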

On a positive note, the number of exploit kits has dropped by 87 percent since the alleged creator of the widely popular Blackhole exploit kit was arrested last year. No clear leader has yet emerged among the several exploit kits observed.
