Companies are being left exposed to malware by increasingly sophisticated techniques, such as using SSL/TSL to bypass firewalls and ever evolving exploit kits, according to a new report by Dell Security.
In its Annual Threat Report (registration required), Dell reported that the number of malware attacks that occurred in 2015 was nearly twice that of 2014, with hackers making particular use of weaknesses in businesses security programmes.
Curtis Hutcheson, general manager of Dell Security, said: "Many of the breaches in 2015 were successful because cybercriminals found and exploited a weak link in victims' security programs due to disconnected or outdated point solutions that could not catch these anomalies in their ecosystem."
Examples of this included the continued use of Windows XP, an underuse of security auditing and not having the right infrastructure in place to detect an intrusion once it had made its way into the company network.
Key trends noted by Dell Security that leave businesses vulnerable are the increased speed with which exploit kits are evolving, the continued and growing use of cyber criminals hiding malware within SSL/TSL encrypted traffic to penetrate firewalls, and the continued rise of Android malware.
With regard to exploit kits, Dell Security highlighted four key trends, including the use of forensic countermeasures such as encrypting the malware payload, new evasion techniques like URL pattern changes, concealing malicious files within benign ones, and new landing page entrapment techniques.
The company called the Android platform a prime target for malware, with a large number of smartphones at risk globally because of this, particularly with regard to attacks on banking apps and other financial information, as well as ransomware.
It also predicts that in 2016 this will grow to include attacks on Android Pay via malicious apps and vulnerabilities in point-of-sale (POS) terminals.
Dell Security is not the only organisation to notice the continued growth of Android malware, whith the trend also being noted also by Intel Security in its newly released Mobile Threat Report and IBM Security in its X-Force Threat Intelligence Report, also released today.
-
Enterprises face delicate balancing act with data center sustainability goalsNews High energy consumption, raw material requirements, and physical space constraints are holding back data center sustainability efforts, according to new research from Seagate.
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Futurum Group endpoint security trends 2023whitepaper Protection across AI attack vectors
-
Workshop: Network security design for cloudwhitepaper Network security design
-
Hackers claim fresh Dell data breach just days after the company confirms probe into employee info leakNews In what could be the second Dell data breach in the space of a week, hackers claim to have accessed 3.5GB of company data
-
Dell says data breach affecting 49 million customers poses no 'significant risk’News Dell claims customers aren’t exposed to significant risk in the wake of a major breach, but they should be wary of targeted social engineering attacks.
-
Dell and CrowdStrike expand partnership to drive unified securityNews Dell’s MDR service with integrated CrowdStrike Falcon XDR is available directly and via channel partners
-
The Total Economic Impact™ of the Intel vPro® Platform as an endpoint standardWhitepaper Cost savings and business benefits enabled by the Intel vPro® Platform as an endpotnt standard
-
PowerEdge - Cyber resilient infrastructure for a Zero Trust worldWhitepaper Combat threats with an in-depth security stance focused on data security
-
Redefining modern enterprise storage for mission-critical workloadsWhitepaper Evolving technology to meet the mission-critical needs of the most demanding IT environments
