SecurityBrief Australia logo
Australia's leading source of security and threat news
Story image
A clear case for AI in endpoint protection
Story image
Mimecast integrates with IBM’s security platform
Story image
Why A/NZ organisations need to improve compliance protocols
Story image

WatchGuard report: 30% of all malware isn’t caught by legacy AV

08 May 17
Sara Barker

WatchGuard’s latest Quarterly Internet Security Report says that 30% of malware attacks are new or zero day exploits, which means antivirus solutions that rely on previous signatures are missing a huge chunk of the cyber threat landscape.

The Quarterly Internet report, based on analytics from WatchGuard's Threat Lab, looks at the latest security and network threats affecting small businesses and enterprises. 

In Q4 2016, WatchGuard blocked 30.4 million network attacks and 18.7 million malware variants.

The APAC region fared reasonably well, accounting for 6% of malware attacks and 1% of network attacks. However, all of the top ten Word macro malware variants primarily affected China and the United States.

“Our Threat Lab has been monitoring the most prevalent security industry threats and trends for years and now with the addition of the Firebox Feed—anonymised threat analytics from Fireboxes deployed around the world—we have firsthand, acute insight into the evolution of cyber attacks and how threat actors are behaving,” comments WatchGuard CTO Corey Nachreiner.

The report found that because 30% of malware is new and undetected by legacy AV solutions, it shows that cyber criminals’ ability to hide or repack their creations is outpacing the security industry’s efforts to keep up with them. 

WatchGuard says that without an advanced threat protection solution, organisations would fail to detect a third of all malware. 

Here are some of the major trends from the Quarterly Internet Security Report:

  • Macro-based malware is still doing the rounds. This include spear-phishing emails that include documents with malicious macros. Attackers have also included Microsoft’s new document format as part of their arsenal.
  • Attackers are looking at banks as popular targets for evasive malware. They're also using malicious web shells and PHP shells to hijack web servers.
  • JavaScript is still highly vulnerable, as it is still a popular malware delivery platform for exploit kits. WatchGuard says its Firebox feed saw a jump (STATS) in malicious JavaScript across email and the web.
  • Network attacks are going after web services and browsers - 73% of attacks target web browsers in drive-by downloads.
  • Trojans are increasingly going after IoT devices running Linux systems.
  • The Mirai botnet attacks showed that IoT devices should never be connected directly to the internet.

So how do organisations protect against attacks? WatchGuard has some basic tips.

  • Keep security best practices and firewalls in addition to more advanced threat protection
  • Consumers should only buy IoT devices from manufacturers who consider security. IoT devices should also be kept up to date with the latest firmware and software
  • Use layered, Kill Chain defences to protect against all possible attack vectors and stages
  • Educate employees about the latest security threats - such as Office documents loaded with malicious macros
  • Choose an advanced malware prevention solution, such as WatchGuard APT Blocker. 

Want to find out more? Download the full report here.

More:
Share on: LinkedIn Twitter Facebook
Story image
A clear case for AI in endpoint protection
Story image
Mimecast integrates with IBM’s security platform
Story image
Why A/NZ organisations need to improve compliance protocols
What the people say - Gartner’s November Customers’ Choices
A roundup of the latest Gartner Peer Insight Customers’ Choices from Backup and Recovery to Business Intelligence and Analytics, and more.
BlackBerry buys out cybersecurity AI firm Cylance
“We are eager to leverage BlackBerry’s mobility and security strengths to adapt our advanced AI technology to deliver a single platform.”
Data protection is key to building customer trust
"New data compliance rules offer an opportunity for businesses to re-evaluate their processes and improve data management and customer loyalty."
Quantum computing: The double-edged sword for cybersecurity
Quantum computing is quickly moving from science fiction to reality.
Three ways to achieve data security whilst enabling BYOD
"A mobility strategy is now more important than ever before, that said, selecting the right one is often no small task."
How IoT and hybrid cloud will change in 2019
"Traditional VPN software solutions are obsolete for the new IT reality of hybrid and multi-cloud."
WatchGuard’s eight (terrifying) 2019 security predictions
The next evolution of ransomware, escalating nation-state attacks, biometric hacking, Wi-Fi protocol security, and Die Hard fiction becomes reality.
The future of privacy: What comes after VPNs?
"75% of VPN users said they are seeking a better solution for cloud networks."
Story image
SonicWall secures hybrid clouds by simplifying firewall deployment
Once new products are brought online in remote locations, administrators can manage local and distributed networks.
Story image
What MSPs can learn from Datto’s Channel Ransomware Report
While there have been less high profile attacks making the headlines, the frequency of attacks is, in fact, increasing.
Story image
Cisco expands security capabilities of SD­-WAN portfolio
Until now, SD-­WAN solutions have forced IT to choose between application experience or security.
Story image
Security experts comment on latest OIAC report
The Office of the Australian Information Commissioner has been notified of 245 data breaches affecting personal information between July and September 2018.
Story image
Opinion: Router security leaving major cyber exposure gap
Hardware is frequently tossed to one side upon installation and left to fester without security updates.
Download image
Whitepaper: The evolution of physical access control
Despite the enhanced security and convenience that comes from newer options, many organisations are still using outdated and vulnerable access control technology.
Download
Story image
Security tips for SMBs moving to the cloud
"SMBs moving to the cloud should assess and prepare for the changes this will bring to their existing security infrastructure."
Story image
4 tips to keep safe when phishing for treats this Halloween
Jason Howells shares Barracuda MSP's top four tips to protect your business and help identify a phishing scam from a mile away.
Story image
Sponsored
Cyber crisis continues unabated – is ATP the answer?
Statistics on cybercrime certainly makes for grim reading, and that is set to continue unless businesses take measures to stack the odds better in their favour.
Story image
Sponsored
You’re invited: Getting proactive about security - an Empired webinar
We all know that proactive security is the best security, but what does that look like? Don’t miss your chance to find out.
Story image
Exclusive: Fileless malware driving uptake of behavioural analytics
Fileless malware often finds its way into organisations via web browsers (or in combination with other vectors such as infected USB drives).
Story image
Why you should leverage a next-gen firewall platform
Through full lifecycle-based threat detection and prevention, organisations are able to manage the entire threat lifecycle without adding additional solutions.
Story image
Dropbox strengthens security with raft of new partnerships
Integrations will keep customer content protected and secure with tools for controlling identity access, governing data, and managing devices.
Story image
ThreatQuotient partners with Visa for payments safety
“Cyber criminals are reusing tactics, techniques and procedures, leaving a recognisable trail of breadcrumbs and insights into the very attacks they are launching.”
Download image
The features that should be front and centre when evaluating SIEMs
According to Frost & Sullivan, SIEM can either be an enabler or a retardant and there's a thin line between the two - here's the key attributes.
Download
Download image
Using SOLIDWORKS CAD to take an idea from prototype to product
Sound pioneer Nura had an ambitious concept to deliver when it raised almost two million dollars via crowdsourcing and then over five million dollars through a seed round.
Download
Download image
What does sustainable compliance look like?
Getting an organisation compliant is one thing, keeping it that way is another.
Download
Story image
'DerpTrolling’ faces jail time for Sony DoS attacks
A United States federal court has charged a 23-year-old man for the hacks on Sony Online Entertainment and other major companies back in 2014.
Story image
Organisations lack holistic approach to data protection
It is paramount for organisations to have a clear understanding of what data protection is and close the gaps in their protection strategies.
Story image
Voter databases available on the dark web - report
A Carbon Black threat report has revealed that destructive cyberattacks are increasing ahead of 2018 US midterm elections.
Story image
How to configure your firewall for maximum effectiveness
ManageEngine offers some firewall best practices that can help security admins handle the conundrum of speed vs security.
Story image
Sponsored
Case study: Startup revamps systems with HID mobile access
“We want our clients to have the best experience here. This is the reason why we chose to work with HID Global solutions."
Story image
It's official: Microsoft now owns GitHub
The US$7.5 billion deal brings Microsoft closer to the heart of developer communities; with new CEO Nat Friedman replacing former GitHub CEO and co-founder Chris Wanstrath.
Download image
Survey: App dev is surging, but how are businesses doing it?
Today “every company is in the software business" to get a competitive edge, and this survey reveals how app dev is affecting IT teams.
Download
Download image
Whitepaper: An inside look at the benefits of cloud
"Cloud computing is revolutionising business, enabling organisations to move faster, spend less and deliver greater value."
Download
Story image
Sponsored
Impact of legacy technologies on threat alert response and cloud adoption among Aus enterprises
Most Australian enterprises today are hamstrung by the same technologies that once helped advance the nation’s IT economy.
Download image
Cutting through the noise with AI-driven threat analytics
SANS has provided an independent review of a new AI analytics solution designed to rescue businesses 'drowning in data' from SIEM platforms.
Download
Story image
Security cameras – a latent botnet network?
In a comparison of 16 indoor and outdoor IP surveillance cameras, researchers found only one well-protected device.
Download image
The six golden keys to successful identity assurance
When someone tries to access your internal systems, how can you be sure a user is who they claim to be?
Download
Story image
Secure Logic calls on Federal Govt to introduce IoT regulation
“The vast majority of people are not aware of the significant risks posed by unsecured IoT devices.”
Story image
Ransomware infection? Here’s how you control the damage
Ransomware has evolved to be more sophisticated and targeted, and remains a threat to businesses of all sizes.
Story image
Digital maturity among APAC CIOs reaches ‘tipping point’
Gartner's new survey has revealed enterprises that fall behind in digital business now will have a serious competitive disadvantage in the future.
Story image
ForeScout acquires OT security company SecurityMatters for US$113mil
Recent cyberattacks, such as WannaCry, NotPetya and Triton, demonstrated how vulnerable OT networks can result in significant business disruption and financial loss.
Download image
Whitepaper: Threat detection and risk measurement with machine learning
ResponSight focuses on two key areas of cybersecurity – threat detection and enterprise risk measurement – and the need for more sophisticated approaches in each.
Download
Story image
Companies swamped by critical vulnerabilities – Tenable
Research has found enterprises identify 870 unique vulnerabilities on internal systems every day, on average, with over 100 of them being critical.
Download image
Avoid underutilising office space with optimisation solutions
Facility managers and security professionals need a real-time view of how their workforce interacts with a building.
Download
Download image
Whitepaper: Layering security protection for ransomware defense
As cybersecurity threats continue to evolve in complexity, so too does the pressure to have a thorough, well-thought-out, and automated system.
Download
Story image
The silent security risk of unstructured data
"IDC estimates that 90% of today’s enterprise data is unstructured."
Story image
AlgoSec delivers native security management for Azure Firewall
AlgoSec’s new solution will allow a central management capability for Azure Firewall, Microsoft's new cloud-native firewall-as-a-service.
Story image
Combatting the rise of Cybercrime-as-a-Service
Amateur cybercriminals (or anyone with a grudge), can execute spam attacks, steal people’s identities, and more. 
Download image
Whitepaper: The key to compliance is governing access to data
By implementing a governance-based approach to identity governance, companies can secure their organisation’s sensitive data.
Download
Link image
Increase visibility and productivity with fleet tracking software
Know what’s going on in the field so you can dispatch more efficiently, improve customer service and reduce time spent calling drivers for updates.
Read more
Download image
The security tool conundrum: Can you have too much of a good thing?
Organisations across Asia Pacific are using many different security tools to protect their businesses, but often they have no centralised platform to manage those tools.
Download
Story image
Aus businesses see themselves as prime targets for cyber attacks
The survey of 307 Australian IT and security executives demonstrates the considerable uncertainty faced by businesses in trying to combat cybersecurity threats. 

Story image
Sponsored
Modernising your ERP could unlock a potential goldmine
Businesses with the wrong or outdated ERP systems are being deprived of insights and capabilities to drive their business forward.
Download image
Whitepaper: How to detect and respond to threats faster
This white paper uncovers how UEBA reduces your organisational risk and enables you to respond more quickly to attacks.
Download
Story image
How phishing is evolving to outpace awareness
While email providers have made strides in flagging suspicious emails and source domains, reducing the effectiveness of attacks, attackers’ techniques have also evolved.
Story image
2018’s worst malware revealed in report
Webroot has highlighted the top cyberattacks of 2018 in its latest Nastiest Malware list, which showcases the malware and attack payloads that have been most detrimental to organisations.
Download image
Secure your BYOD policies effectively with multi-factor authentication
Multifactor authentication helps organisations secure their cloud applications, privileged access management, VPN access, digital workspaces and company apps in an easy, low-friction method staff can integrate into their workflow easily.
Download
Story image
Three access management trends making waves in APAC
Consumer identity proofing, authentication, and authorisation will top the $37 billion value mark by 2023.
Story image
Bitdefender announces security integration with Kaseya
The new partnership will allow VSA by Kaseya’s cloud and on-premises users to deploy and manage security with Bitdefender Cloud Security for MSPs.
Story image
Sponsored
Huge vulnerabilities in software supply chain being exploited
A very exposing report has revealed breaches are rising and response times are falling, largely due to shoddy software development practices.
Story image
Gartner names Bitglass a leader in cloud security
Bitglass was evaluated based on its ability to execute and its completeness of vision.
Story image
Exclusive: Why botnets will swarm IoT devices
“What if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems?”
Story image
The quid pro quo in the IoT age
Consumer consciousness around data privacy, security and stewardship has increased tenfold in recent years, forcing businesses to make customer privacy a business imperative.
Download image
GDPR compliance: A step-by-step guide
The GDPR affects any company that deals with individuals living in the EU and has very specific requirements for the treatment of their personal
Download
Story image
McAfee report shows cloud storage remains vulnerable to attack
The report revealed that nearly a quarter of the data in the cloud can be categorised as sensitive, putting an organisation at risk if stolen or leaked. 
Story image
Exclusive: Why Australian enterprises are prime targets for malware attacks
"Only 14% of Australian organisations are continuously training employees to spot cyber attacks."
Story image
LogRhythm reports higher-than-anticipated SOAR adoption rate
The company’s embedded security orchestration, automation and response (SOAR) capabilities are embedded in its security information and event management offering.
Story image
It's time to rethink your back-up and recovery strategy
"It is becoming apparent that legacy approaches to backup and recovery may no longer be sufficient for most organisations."
Story image
There’s nothing scarier than a data outage
"Stop to imagine what a data outage could look like, a city brought to a complete halt, like a scene out of a horror movie – no power, no hospitals, no transport."
Download image
Whitepaper: Why it’s critical to detect cyber attacks as they happen
"Many organisations are struggling to keep pace with the speed in which hackers are attacking their systems."
Download
Story image
Don’t let your network outgrow your IT team
"IT professionals spend less than half of their time at work optimising their networks and beefing it up against future security threats."
Story image
Sponsored
Five major risks of letting shadow IT go unchecked
A department creating its own bespoke IT solution may sound like a good idea, but are the risks really worth it?