Showing posts with label cyber attack. Show all posts
Showing posts with label cyber attack. Show all posts

Monday, 1 January 2018

Traditional Antivirus fails to protect 40 percent of users!

Conventional antivirus solutions are failing to protect users from attacks according to a  Malwarebytes report.

The study is based on real-world clean up scans performed by Malwarebytes. Nearly 40 percent (39.18percent) of all malware attacks cleaned on endpoints with an AV installed occurred on endpoints that had two or more traditional AV solutions registered.

In addition 39.16 percent of attacks on endpoints with a non-OS bundled AV installed occurred on an endpoint running one of the four leading traditional AV solutions.

"The results of these scans clearly indicate the ineffectiveness of today's traditional AV solutions and, more importantly, the unknown risks to users that depend only on these AV platforms to stay safe," says Marcin Kleczynski, CEO of Malwarebytes. "Antiquated AV technology is no longer enough to protect from sophisticated cyberthreats. It's crucial that consumers and businesses understand this now before they become a victim of the next attack."

The findings also show the top ransomware types detected on compromised machines are Hidden Tear (41.65 percent) and Cerber (18.26 percent). Botnets most often detected include IRCBot (61.56 percent) and Kelihos (26.95 percent). The most prevalent Trojan types bypassing traditional AV detections are Fileless (17.76 percent) and DNSChangermalware (17.51 percent).

Of ransomware attacks 48.59 percent of Hidden Tear and 26.78 percent of Cerber events were found on a compromised endpoint that had at least one of the four leading traditional AV brands installed.

To show how widespread the problem is, Malwarebytes has produced a real-time heatmap that shows each time Malwarebytes remediates instances of malware on endpoints that have a traditional AV registered. It also shows the numbers of attacks missed by leading antivirus programs.

Source: betanews.com

Delete confidential data for good

Tuesday, 1 November 2011

Symantec: Hackers Hit Chemical Companies

Cyber attacks traced to China targeted at least 48 chemical and military-related companies in an effort to steal technical secrets, a U.S. computer security company said Tuesday, adding to complaints about pervasive Internet crime linked to this country.
The targets included 29 chemical companies and 19 others that make advanced materials used by the military, California-based Symantec Corp. said in a report. It said the group included multiple Fortune 100 companies but did not identify them or say where they were located.
"The purpose of the attacks appears to be industrial espionage, collecting intellectual property for competitive advantage," said the report.
Security experts say China is a center for Internet crime. Attacks against governments, companies and human rights groups have been traced to this country, though finding the precise source is nearly impossible. China's military is a leader in cyberwarfare research but the government has rejected allegations of cyberspying and says it also is a target.
The latest attacks occurred between late July and September and used e-mails sent to companies to plant software dubbed "PoisonIvy" in their computers, Symantec said. It said the same hackers also were involved in attacks earlier this year on human rights groups and auto companies.
Symantec said it traced the attacks to a computer system owned by a Chinese man in his 20s in the central province of Hebei. It said that when contacted, the man provided a contact who would perform "hacking for hire."
Symantec said it could not determine whether the Chinese man was a lone attacker, whether he had a direct or indirect role or whether he hacked the targets for someone else. It called him Covert Grove based on a translation of his Chinese name.
The U.S. and Chinese governments have accused each other of being involved in industrial espionage.
Security consultants say the high skill level of earlier attacks traced to China suggests its military or other government agencies might be stealing technology and trade secrets to help state companies.
The chairman of the U.S. House of Representatives Intelligence Committee, Rep. Mike Rogers, said last month that Chinese efforts to steal U.S. technology over the Internet had reached an "intolerable level." He called on the U.S. and other governments to pressure Beijing to stop.
Another security firm, McAfee Inc., said in August it had found a five-year-long hacking campaign that it called Operation Shady Rat against more than 70 governments, international institutions, corporations and think tanks.
In February, McAfee said hackers operating from China stole information from oil companies in the United States, Taiwan, Greece and Kazakhstan about operations, financing and bidding for oil fields.
Thousands of Chinese computer enthusiasts belong to hacker clubs and experts say some are supported by the military to develop a pool of possible recruits. Experts say military-trained civilians also might work as contractors for companies that want to steal technology or business secrets from rivals.
China has the world's biggest population of Internet users, with more than 450 million people online, and the government promotes Web use for business and education. But experts say security for many computers in China is so poor that they are vulnerable to being taken over and used to hide the source of attacks from elsewhere.
Last year, Google Inc. closed its China-based search engine after complaining of cyber attacks from China against its e-mail service.
That case highlighted the difficulty of tracking hackers. Experts said that even if the Google attacks were traced to a computer in China, it would have to be examined in person to be sure it wasn't hijacked by an attacker abroad.