[caption id="" align="alignleft" width="460" caption="Microsoft Security Intelligence Report Volume 13"]
[/caption]
Microsoft released their Security Intelligence Report (SIR) last week, with some very interesting results.
See the purple line of HTML/Javascript? That is mostly the Black Hole exploit kit. Cybercriminals use this exploit kit to build a malicious web page that infects the workstations of your employees who visit the page. Once the exploit is successful, malware is delivered as a drive-by-download, unseen by your employee. Exploits break into the workstation which is subsequently infected with malware, in less than a second.
If you are in IT and responsible for end-user security, your Security Awareness Training needs to cover both phishing, opening attachments, but also train them that there are potential dire consequences to visiting high-risk websites that provide free downloads of either files, music or software.
[/caption] Microsoft released their Security Intelligence Report (SIR) last week, with some very interesting results.
See the purple line of HTML/Javascript? That is mostly the Black Hole exploit kit. Cybercriminals use this exploit kit to build a malicious web page that infects the workstations of your employees who visit the page. Once the exploit is successful, malware is delivered as a drive-by-download, unseen by your employee. Exploits break into the workstation which is subsequently infected with malware, in less than a second.
If you are in IT and responsible for end-user security, your Security Awareness Training needs to cover both phishing, opening attachments, but also train them that there are potential dire consequences to visiting high-risk websites that provide free downloads of either files, music or software.
