You are viewing 'global threat intelligence'
Key points: decline in attacks, challenges in securing the retail industry, and an apparent increase in nation state-sponsored cyberattacks
During Q4 ’16, NTT Security researchers observed a noticeable shift in the types of attacks from previous quarters – particularly exhibited by a much narrower scope of attack vectors. Several vulnerabilities such as Oracle Server Backup in the retail industry and Linux password files in the finance industry were specifically targeted – likely indicative of criminals identifying specific flaws and crafting attacks to fit, a sign of more sophisticated and directed efforts.
This shift was also evident in an overall 35 percent decrease in total security-related events across client networks from Q3 ’16 to Q4 ’16, including continued declines of 25 percent in... read more >
Ransomware in the health care industry, the ‘direct cash-back’ revenue model, targeting the Internet of Things (IoT), securing SWIFT networks, and a notable decrease in reconnaissance activity.
During Q3 ’16, NTT Security researchers observed attacks which exhibited the same characteristics as those a year ago in Q3 ’15 – a notable decrease in reconnaissance and an increase in application attacks, with attackers likely maintaining a persistent presence in the target environment.
NTT Security observed a 38 percent drop in security-related events from Q2 ’16 to Q3 ’16. While that seems like an amazing statistic, it included a dramatic 91 percent decrease in reconnaissance and a 64 percent decrease in suspicious activity, which may indicate more of a change in focus than a dramatic fall off in attack volume.
... read more >
Shrinking variety of attacks, inside Business Email Compromises, update on ransomware, perspective on China’s new Five Year Plan, and highlights from PCI DSS 3.2.
Solutionary observed a flattening of attack types during Q2 ’16. In recent quarters, web applications made up as much as 42 percent of observed attacks. In Q2 ’16, web application attacks made up 24 percent of such attacks. The top three attack types – web-application... read more >
Observations of the Trends and Statistics that Shaped Cybersecurity in 2015
Now in its fourth year of publication, the 2016 Global Threat Intelligence Report (GTIR) highlights observations and details about global threats. In this year’s report we continue tracking trends that have affected our clients over the last few years, as well as identify the new threats that presented themselves in 2015.
This year’s GTIR provides actionable intelligence, guidance about what attackers are doing, and comprehensive security controls designed to disrupt attacks. Controls recommended in this report will contribute to an organization’s survivability and resiliency in the face of an attack.
To develop this year’s annual report, we collaborated with several well-respected organizations, including Lockheed Martin, Recorded Future, Wapack Labs, and the Center for Internet Security. These contributors provided key feedback and observations from their unique perspectives of the cyber... read more >
Evolving attack patterns, views of BASHLITE and JOOMLA, and a look forward on Android
The Solutionary Security Engineering Research Team (SERT) released its Q4 2015 Quarterly Threat Report today.
As the source of 63 percent of all detected attacks and 79 percent of all detected malware, the United States is once again the most hostile source of cyberattacks. As we’ve seen in the past, this does not mean the attackers are within the U.S. but are using U.S. infrastructure as their launching pads. A 77 percent drop in reconnaissance activity from Q3 ’15 to Q4 ’15 indicates reconnaissance activity has plummeted nearly 88 percent from levels seen in Q2 ’15.
Malware detection and trends continue to vary widely from quarter to quarter, but one interesting observation is that the top five sources of malware accounted for 79 percent of all malware detected during Q4 ‘15. While detected malware rose only slightly through Q4... read more >