
KnowBe4

Security Awareness Training Blog


Keeping You Informed. Keeping You Aware.

Bad News: Your Antivirus Detection Rates Have Dramatically Declined In 12 Months

We all had the nagging suspicion that antivirus is not cutting it anymore, but the following numbers confirm your intuition. I have not seen more powerful ammo for an IT security budget to transform your employees into an effective "last line of defense": a human firewall.

Scam Of The Week: Pokémon Malware, Muggings And Other Mayhem

In case you just came back from vacation, there literally is a new craze going on with an augmented-reality smartphone app called Pokémon Go. It's a geocaching game, meaning it's tied to real-world locations. 

Ransomware Roundup July 2016: Satana New MBR / File Encryption Strain

New Hybrid MBR Ransomware Strain

To start off, there is a new ransomware strain from hell called "Satana" (the reference is clear, just take the last "a" off) which is a blend between classic file encryption malware and the Petya / Mischa strain which locks the Master Boot Record (MBR). This looks like a Petya copycat. Satana prepends their email address to the name of each encrypted file, like this: "email@domain.com_filename.extension".

Satana then encrypts the MBR and replaces it with its own. The first time a user reboots their workstation, Satana's MBR boot code will load and the only thing the machine will show is Satana's ransom note. Here is how the note looks as a text file:

We just received the ultimate in weird nested malware

Last night a customer sent us a phish via the KnowBe4 Phish Alert Button (free download here) that must win some kind of award for the longest chain of required user interactions -- all designed to push the easily detectable stuff as far away from the base email body and attachment as possible.
 
It goes like this:
 
1. Email body contains social engineering hook that points users to a PDF attachment.
 
2. PDF attachment contains an embedded URL (allegedly for a secure doc) that consists of a tinyurl URL shortener link.

Tampa is 842% above the national average in malware infections

A new study by Enigma Software revealed the hardest hit cities in the country when it comes to computer viruses. Tampa was ranked #2 for malware infections per person. That's 842% above the national average! Others in the top 5 include Little Rock, St. Louis, Orlando and Denver. Because there are so many different types of infections, it's really hard to pinpoint why any one area would be more susceptible than another. However, this is actually an easy problem to prevent. 

Websense: Malware-as-a-Service Makes Cybercrime Easier

Websense released their annual Threat Report, which is interesting if you want to know what’s really happening in the criminal cyber landscape. Here are a few highlights, with a link to the full report below.

Despite the increase in data breaches, the total volume of malware threats is actually 5.1 percent less compared to 2013. They logged a whopping 3.96 billion security threats in 2014 though.

The Websense numbers again show that the human is the weak link in IT security. Around one in three end users (30%) click through a malicious URL in an email even though they have been warned of the danger. "End users are increasingly desensitized from the warnings, don’t feel responsible and still lack enterprise-driven education," according to Websense.

10 Hacking Facts / How They Impact You [Infographic]

Cybersecurity is one of the most pressing concerns for business and consumers, especially when it comes to social media. So much personally identifiable information (PII) exists across the internet that it’s practically inevitable that malicious forces would try to take it. An infographic from Heimdal Security outlines 10 cybersecurity facts and how they impact your online security.

Kaspersky: NSA has pwned all hard drives firmware

Reuters just broke news that's pretty astounding. I'm copying just a few paragraphs and I recommend you read the release yourself.

 

More Than 16 Million Devices Are Infected With Mobile Malware

Pierluigi Paganini blogged about a recent study published by Alcatel-Lucent’s Motive Security Labs which reported that 16 million devices worldwide have been infected by mobile malware.

Antivirus Products Are Slow at Making Malware Signatures

The traditional malicious software detection approach is far from being sufficient, especially in corporate environments. More and more it's found that antivirus products can take months before adding the algorithms to recognize the more complex threats.

A recent study from Damballa, a security company offering solutions against advanced cyber threats, revealed that malware could spend as much as six months on a system before it is identified using signature-based detection.
