First Line of Defense: Threats Today, Warnings for Tomorrow

3 years ago

Text only:

This message contains graphics. If you do not see the graphics, click here to view.
View the Web version.
First Line of Defense
Your regular source of security updates from TrendLabs
November 30, 2015

Threats Today, Warnings for Tomorrow



Much like waves in a seismograph, notable events that have risen in the past quarter can be treated as an indicator of impending quake—signifying even bigger threats that are slated to come. Looking closely at events and security incidents that have transpired in the past, we get to pick up bits and pieces that form a vivid picture of what is to unfold in the future.

In Hazards Ahead: Current Vulnerabilities Prelude Impending Attacks, we dissect security events and put meaning to what has happened in the past quarter – allowing us to identify security gaps that need addressing to diminish forthcoming damages. The security incidents we saw this past quarter revealed just how big the existing cracks are in the mobile ecosystem, Internet-connected devices, and network infrastructures. How prepared are we for what is to come? Will these cracks remain unpatched?

" The security incidents we saw this past quarter revealed just how big the existing cracks are in the mobile ecosystem, Internet-connected devices, and network infrastructures. "
Lately, we have seen damaging data breaches that have gone the route of being “personal” and “destructive”. Incriminating classified information prove to be an asset among threat actors. Reputation is everything, and any suspicious activity can be willfully used by a cybercriminal to incite embarrassment, customer distrust and loss of credibility.

For one, the Ashley Madison hack resulted into the loss of data used against the company fueling its controversial operations that later on tormented the site members through blackmail and extortion. The Hacking Team breach, on the other hand, gave rise to a slew of security vulnerabilities. Given the success of breaches taken advantage of by attackers for their nefarious gains, it won’t be long before we see more attacks geared towards the search for incriminating information that can be exposed publicly or sold privately to the highest bidder in the murkier portions of the Deep Web.

Established mobile platforms also took a beating in the third quarter of 2015. It was during this time that major vulnerabilities surfaced not just on Android, but on Apple's iOS platform as well—marring earlier formed notions that iOS is impenetrable. Because of the newly-discovered flaws, it would be the first time that both platforms would be considered severely compromised. The discovery of mediaserver as a hotbed for vulnerabilities among Android devices and the malicious piece of code known as “XcodeGhost” slipping through Apples’s strict app-posting policies are two of the most reported in the past quarter. Small and medium-sized businesses were heavily affected in the third quarter of 2015 as point-of-sale (PoS) malware attacks were launched using the “shotgun approach.” In the said technique, cybercriminals sent spammed messages even to unintended targets, in the hopes of infecting PoS devices. This can be attributed to the fact that SMBs make use of weaker security as compared to the rollout of better security technologies employed in bigger enterprises.

For a detailed look security incidents in the past quarter of 2015, read the full report Hazards Ahead: Current Vulnerabilities Prelude Impending Attacks


Security Spotlight
Prototype Nation: Emerging Innovations in Cybercriminal China

The Chinese cybercriminals leveraged new technologies and trends for their operations. In this report, our researchers share new findings on the Chinese underground.

Security for Home Users
Expert Insights: Securing Smart Cars

Hacking smart cars is no longer a figment of one’s imagination as reported hacks highlight the need for better security. Watch this video to learn the importance of securing smart cars and the critical role of car manufacturers.

Security for Business
Targeted Attacks: Six Components of Targeted Attacks

In this article, we shed light on the various components of targeted attacks to depict how it happens, and the necessary steps to take in order to mitigate its risks.

© 2015 Trend Micro Incorporated




Deel deze nieuwsbrief op

© 2019