Page All:
Page 1
Businesses Increasingly Under Attack From Cyber-Security Threats
Cyber-Criminals Targeting Mobile Devices and Social Media Sites
SAN JOSE, Calif., Sept. 1, 2011 /PRNewswire/ -- SonicWALL, Inc., the leading provider of intelligent network security and data protection solutions, today issued its mid-year cyber-threat intelligence bulletin. The bulletin reveals that businesses are increasingly under attack by cyber-criminals who seek to exploit employees connecting to corporate networks via mobile devices and their rising use of social media. Growth in Android-based malware and social media scams such as click-jacking on Facebook and malicious links sent over Twitter are creating new and heightened levels of business vulnerability from data intrusion, theft and loss. Productivity and profitability are also compromised due to network and application downtime. Data for the bulletin was sourced from the SonicWALL Global Response Intelligent Defense (GRID) Network(TM), which gathers, analyzes and correlates billions of dynamic, real-time global cyber-threats.
Said Boris Yanovsky, SonicWALL vice president of software engineering, "Cyber-criminals are focusing their attention on penetrating corporate networks and data through mobile workflow and applications. Employees innocently surfing dating sites via a mobile device or PC, that are in fact fake sites, or clicking on offers on Facebook such as a free McDonald's meal that are click-jacking scams, can have a catastrophic impact on data security, business continuity and profitability." Yanovsky continued, "New levels of network and firewall security are needed to protect against these increasingly sophisticated and prolific threats. Advanced networking security technologies such as application intelligence and control, real-time data visualization, intrusion prevention and malware protection, all of which are available in SonicWALL's Next-Generation Firewalls, deliver this protection."
Key findings of the mid-year cyber-threat intelligence bulletin include
-- Mobile-based threats have risen significantly over the last six months.
While these threats are not as widespread as computer-based threats,
cyber-criminals have found workarounds to attack mobile phones on any
platform. Threats that infiltrate mobile devices via popular
applications like Apple Safari and Adobe Reader can attack multiple
operating systems. Also, the small screens of mobile devices typically
truncate the view of long URLs, giving hackers an opportunity to lure
unsuspecting users to a fake site masquerading as the site of a trusted
institution.
-- Android Market malware is a growing issue. With the growth of the
Android Market, there has been an increase in rogue applications
affecting thousands of users. Google is actively removing malicious
applications that appear in the market and has also removed multiple
malicious apps remotely from users' mobile devices. However, some
threats remain.
-- Security threats resulting from the use of social media continue to
rise. As social media has become part of the fabric of social and
work-life, constant access to sites by employees from the corporate
network is creating new levels of vulnerability. Click-jacking scams
lead to surveys that generate income for the hackers and rogue apps
compromise confidential information. Twitter messages can contain
shortened malicious links that can even activate just by hovering over
them. Email attacks on popular sites emulate the "look and feel" of
these sites to produce very credible-looking scams.
-- The U.S., Canada and Taiwan are the most heavily hit countries for
worldwide threat-related traffic. In addition, the U.S., China, India
and Korea lead in intrusion-related and multimedia threats. A snapshot
of the top 10 most heavily hit countries may be viewed here.
-- New and familiar viruses continue to infect computers and networks
worldwide. Top malware threats in the first half of 2011 were fake
anti-virus malware, including a new variant consisting of fake desktop
utilities, SpyEye and Zeus trojan spams. "Poisoned" search results
continue to deliver active malware, and every new variant is repackaged
to evade anti-virus detection. Malicious code and spam often masquerade
as Facebook status updates, or email and security updates from
Microsoft, while BredoLab and Oficla trojan spams masquerade as tracking
and invoice sites from shipping companies such as FedEx, UPS, DHL and
USPS. For a list of the top intrusions, malware as well as important
gateway and anti-virus signatures that protected against these threats
for the first half of 2011, click here.
-- Phishing fraud is more sophisticated and difficult to detect. Phishers
have reduced errors and improved the quality and content of their
emails, and they are now able to produce web sites that look entirely
legitimate, with multiple redirections masking the deception. Blended
threats that combine techniques such as data theft and malware
installation are also more prevalent. SonicWALL continuously updates its
list of institutions likely to be targets of spoofing attacks intended
to harvest usernames, passwords and other sensitive customer
information. An updated list of organizations that have been spoofed
over the last six months is available here.
-- Most dangerous threats over the last six months include advanced
persistent threats that come in through clicked links, lie hidden for an
indefinite period of time and become active at a predefined time. Also
highly dangerous are institutional database breaches, which expose a
wealth of data for criminal use by correlating data from more than one
source, providing the basis for sophisticated attacks such as spear
phishing (targeted phishing) and threats to SCADA-based systems.
-- Most widespread threats. The most active category continues to be
FakeAV, which uses the latest trends and news stories to target a large
user base, serving OS-specific and location-specific malware. Spam
continues to be widespread, with large flows of emails carrying
virus-laden attachments; pitches for weight loss products, wristwatches,
and pornographic services and products; "nuisance" spam that has no
content other than three or four random characters; and image-only spam.
Track the latest threats at the SonicWALL Threat Center.
For more news on Dynamic Security and Next-Generation Networks, follow SonicWALL on LinkedIn, Facebook and Twitter.
About the SonicWALL Threat Bulletin
Data for the bulletin is sourced from the SonicWALL Global Response Intelligent Defense (GRID) Network(TM), which gathers, analyzes and correlates billions of dynamic, real-time global cyber-threats from the entire range of SonicWALL solutions - including Next-Generation Firewalls, Unified Threat Management (UTM), anti-spam, anti-virus, anti-spyware, intrusion prevention, content filtering and application firewall defenses.
About the SonicWALL Threat Center:
With millions of SonicWALL anti-spam and email security sensors deployed at sites worldwide with its SonicWALL Global Response Intelligent Defense (GRID) Network, the world-renowned research team from the SonicWALL Threat Center and SonicWALL Labs are able to track and protect against malware, intrusions, phishing, viruses, spyware variants, and vulnerabilities with the highest industry catch rates. SonicWALL updates the center on worldwide threats over multiple vectors. In 2010, SonicWALL blocked 6 billion virus attacks, prevented more than 300 billion intrusions, and controlled more than 3 trillion applications. On a typical day, SonicWALL reviews more than 50,000 new malware samples, and helps corporations stop more than 4 million malware attempts, 400 million intrusions, and 400 million spam emails from entering inboxes.
About SonicWALL, Inc.
Guided by its vision of Dynamic Security for the Global Network, SonicWALL develops advanced intelligent network security and data protection solutions that adapt as organizations evolve and as threats evolve. Trusted by small and large enterprises worldwide, SonicWALL solutions are designed to detect and control applications and protect networks from intrusions and malware attacks through award-winning hardware, software and virtual appliance-based solutions. For more information, visit http://www.sonicwall.com/.
Copyright © 2011 SonicWALL, Inc. All rights reserved. SONICWALL® is a registered trademark of SonicWALL, Inc. and all other SonicWALL product and service names and slogans are trademarks or registered trademarks of SonicWALL, Inc. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective owners.
Available Topic Expert(s): For information on the listed expert(s), click appropriate link.
Patrick Sweeney
https://profnet.prnewswire.com/Subscriber/ExpertProfile.aspx?ei=96561
Matt Medeiros
https://profnet.prnewswire.com/Subscriber/ExpertProfile.aspx?ei=96564
SOURCE SonicWALL, Inc.
SonicWALL, Inc.
CONTACT: Jock Breitwieser, SonicWALL, Office, +1-408-962-6165, Mobile, +1-408-656-3215, jbreitwieser@SonicWALL.com, Kristen Leon, Bond PR, +1-415-848-2626, +1-415-613-8320, kristen@bondprus.com
Web Site: http://www.sonicwall.com
Businesses Increasingly Under Attack From Cyber-Security Threats
Cyber-Criminals Targeting Mobile Devices and Social Media Sites
SAN JOSE, Calif., Sept. 1, 2011 /PRNewswire/ -- SonicWALL, Inc., the leading provider of intelligent network security and data protection solutions, today issued its mid-year cyber-threat intelligence bulletin. The bulletin reveals that businesses are increasingly under attack by cyber-criminals who seek to exploit employees connecting to corporate networks via mobile devices and their rising use of social media. Growth in Android-based malware and social media scams such as click-jacking on Facebook and malicious links sent over Twitter are creating new and heightened levels of business vulnerability from data intrusion, theft and loss. Productivity and profitability are also compromised due to network and application downtime. Data for the bulletin was sourced from the SonicWALL Global Response Intelligent Defense (GRID) Network(TM), which gathers, analyzes and correlates billions of dynamic, real-time global cyber-threats.
Said Boris Yanovsky, SonicWALL vice president of software engineering, "Cyber-criminals are focusing their attention on penetrating corporate networks and data through mobile workflow and applications. Employees innocently surfing dating sites via a mobile device or PC, that are in fact fake sites, or clicking on offers on Facebook such as a free McDonald's meal that are click-jacking scams, can have a catastrophic impact on data security, business continuity and profitability." Yanovsky continued, "New levels of network and firewall security are needed to protect against these increasingly sophisticated and prolific threats. Advanced networking security technologies such as application intelligence and control, real-time data visualization, intrusion prevention and malware protection, all of which are available in SonicWALL's Next-Generation Firewalls, deliver this protection."
Key findings of the mid-year cyber-threat intelligence bulletin include
-- Mobile-based threats have risen significantly over the last six months.
While these threats are not as widespread as computer-based threats,
cyber-criminals have found workarounds to attack mobile phones on any
platform. Threats that infiltrate mobile devices via popular
applications like Apple Safari and Adobe Reader can attack multiple
operating systems. Also, the small screens of mobile devices typically
truncate the view of long URLs, giving hackers an opportunity to lure
unsuspecting users to a fake site masquerading as the site of a trusted
institution.
-- Android Market malware is a growing issue. With the growth of the
Android Market, there has been an increase in rogue applications
affecting thousands of users. Google is actively removing malicious
applications that appear in the market and has also removed multiple
malicious apps remotely from users' mobile devices. However, some
threats remain.
-- Security threats resulting from the use of social media continue to
rise. As social media has become part of the fabric of social and
work-life, constant access to sites by employees from the corporate
network is creating new levels of vulnerability. Click-jacking scams
lead to surveys that generate income for the hackers and rogue apps
compromise confidential information. Twitter messages can contain
shortened malicious links that can even activate just by hovering over
them. Email attacks on popular sites emulate the "look and feel" of
these sites to produce very credible-looking scams.
-- The U.S., Canada and Taiwan are the most heavily hit countries for
worldwide threat-related traffic. In addition, the U.S., China, India
and Korea lead in intrusion-related and multimedia threats. A snapshot
of the top 10 most heavily hit countries may be viewed here.
-- New and familiar viruses continue to infect computers and networks
worldwide. Top malware threats in the first half of 2011 were fake
anti-virus malware, including a new variant consisting of fake desktop
utilities, SpyEye and Zeus trojan spams. "Poisoned" search results
continue to deliver active malware, and every new variant is repackaged
to evade anti-virus detection. Malicious code and spam often masquerade
as Facebook status updates, or email and security updates from
Microsoft, while BredoLab and Oficla trojan spams masquerade as tracking
and invoice sites from shipping companies such as FedEx, UPS, DHL and
USPS. For a list of the top intrusions, malware as well as important
gateway and anti-virus signatures that protected against these threats
for the first half of 2011, click here.
-- Phishing fraud is more sophisticated and difficult to detect. Phishers
have reduced errors and improved the quality and content of their
emails, and they are now able to produce web sites that look entirely
legitimate, with multiple redirections masking the deception. Blended
threats that combine techniques such as data theft and malware
installation are also more prevalent. SonicWALL continuously updates its
list of institutions likely to be targets of spoofing attacks intended
to harvest usernames, passwords and other sensitive customer
information. An updated list of organizations that have been spoofed
over the last six months is available here.
-- Most dangerous threats over the last six months include advanced
persistent threats that come in through clicked links, lie hidden for an
indefinite period of time and become active at a predefined time. Also
highly dangerous are institutional database breaches, which expose a
wealth of data for criminal use by correlating data from more than one
source, providing the basis for sophisticated attacks such as spear
phishing (targeted phishing) and threats to SCADA-based systems.
-- Most widespread threats. The most active category continues to be
FakeAV, which uses the latest trends and news stories to target a large
user base, serving OS-specific and location-specific malware. Spam
continues to be widespread, with large flows of emails carrying
virus-laden attachments; pitches for weight loss products, wristwatches,
and pornographic services and products; "nuisance" spam that has no
content other than three or four random characters; and image-only spam.
Track the latest threats at the SonicWALL Threat Center.
For more news on Dynamic Security and Next-Generation Networks, follow SonicWALL on LinkedIn, Facebook and Twitter.
About the SonicWALL Threat Bulletin
Data for the bulletin is sourced from the SonicWALL Global Response Intelligent Defense (GRID) Network(TM), which gathers, analyzes and correlates billions of dynamic, real-time global cyber-threats from the entire range of SonicWALL solutions - including Next-Generation Firewalls, Unified Threat Management (UTM), anti-spam, anti-virus, anti-spyware, intrusion prevention, content filtering and application firewall defenses.
About the SonicWALL Threat Center:
With millions of SonicWALL anti-spam and email security sensors deployed at sites worldwide with its SonicWALL Global Response Intelligent Defense (GRID) Network, the world-renowned research team from the SonicWALL Threat Center and SonicWALL Labs are able to track and protect against malware, intrusions, phishing, viruses, spyware variants, and vulnerabilities with the highest industry catch rates. SonicWALL updates the center on worldwide threats over multiple vectors. In 2010, SonicWALL blocked 6 billion virus attacks, prevented more than 300 billion intrusions, and controlled more than 3 trillion applications. On a typical day, SonicWALL reviews more than 50,000 new malware samples, and helps corporations stop more than 4 million malware attempts, 400 million intrusions, and 400 million spam emails from entering inboxes.
About SonicWALL, Inc.
Guided by its vision of Dynamic Security for the Global Network, SonicWALL develops advanced intelligent network security and data protection solutions that adapt as organizations evolve and as threats evolve. Trusted by small and large enterprises worldwide, SonicWALL solutions are designed to detect and control applications and protect networks from intrusions and malware attacks through award-winning hardware, software and virtual appliance-based solutions. For more information, visit http://www.sonicwall.com/.
Copyright © 2011 SonicWALL, Inc. All rights reserved. SONICWALL® is a registered trademark of SonicWALL, Inc. and all other SonicWALL product and service names and slogans are trademarks or registered trademarks of SonicWALL, Inc. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective owners.
Available Topic Expert(s): For information on the listed expert(s), click appropriate link.
Patrick Sweeney
https://profnet.prnewswire.com/Subscriber/ExpertProfile.aspx?ei=96561
Matt Medeiros
https://profnet.prnewswire.com/Subscriber/ExpertProfile.aspx?ei=96564
SOURCE SonicWALL, Inc.
SonicWALL, Inc.
CONTACT: Jock Breitwieser, SonicWALL, Office, +1-408-962-6165, Mobile, +1-408-656-3215, jbreitwieser@SonicWALL.com, Kristen Leon, Bond PR, +1-415-848-2626, +1-415-613-8320, kristen@bondprus.com
Web Site: http://www.sonicwall.com