Cyber Defense eMagazine July Edition for 2022
Cyber Defense eMagazine July Edition for 2022 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, Editor-in-Chief and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Malware threats were detected in EMEA at a much higher rate than other regions in the world – Europe, the Middle East and Africa were also the regions most targeted by malware threats in Q4. In fact, EMEA saw malware detections per Firebox (49%) at near or above double the rate of other regions of the world (AMER 23% and APAC 29%).
78% of malware delivered via encrypted connections is evasive – Overall, 67% of malware detections arrived over an encrypted connection, and within those malware detections, 78% were zero-day malware threats that evade basic detections. This continues a trend seen in previous quarters. These threats can often be stopped at the perimeter by setting firewalls to decrypt and scan incoming traffic – a step that, unfortunately, many organizations fail to take.
A new leader in Office exploit malware emerges – Q4 saw a significant incidence of malware targeting Office documents, similar to findings from Q3. CVE-2018-0802 remains on the top 10 malware list, landing at number 5 this quarter, up one spot from last quarter, and remains on the most widespread malware list. Researchers suspect this may have replaced CVE-2017-11882 as the top Office exploit.
Emotet comes back with a vengeance – Two new malware domains were added this quarter to the list of top malware domains detected by WatchGuard. One of these domains, Skyprobar[.]info, has been linked to Emotet, the banking trojan that has evolved into a C2 and distribution infrastructure malware for other payloads. After diminishing due in part to direct disruption by US law enforcement, the Emotet malware saw a resurgence in Q4 2021.
In Q4 the Threat Lab saw the highest level of zero-day threats the team has ever recorded, as well as an attack surface reaching well outside the network perimeter to home networks, mobile phones, smart devices, and more. This clearly demonstrates that attackers are getting more sophisticated and threats are becoming more damaging. To address this, organizations must implement a truly unified approach to security that is able to adjust quickly and efficiently in the face of emerging threats. By wrapping security services into a simple, “single pane of glass” strategy, organizations and casual Internet users alike can stay a step ahead of threat actors and significantly lower the chance of an attack.
About the Author
Corey Nachreiner is the Chief Security Officer at WatchGuard Technologies. A front-line cybersecurity expert for nearly two decades, Corey regularly contributes to security publications and speaks internationally at leading industry trade shows like RSA. He has written thousands of security alerts and educational articles and is the primary contributor to the Secplicity Community, which provides daily videos and content on the latest security threats, news and best practices. A Certified Information Systems Security Professional (CISSP), Corey enjoys "modding" any technical gizmo he can get his hands on and considers himself a hacker in the old sense of the word. Corey can be reached at https://www.watchguard.com.
Cyber Defense eMagazine – July 2022 Edition
Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.