Recent reports indicate that attacks such as ransomware can bypass traditional security solutions because these organizations often overlook the importance of patching, updating, or changing current products and services. According to the latest research report from the Web security company Webroot, since September 2017, more than 5,000 websites have been hijacked by CoinHive, a JavaScript cryptocurrency miner, to dig Monero coins.
Hal Lonas, Webroot’s chief technology officer, said: “From the news headlines of the past year, we can clearly feel that attackers have become increasingly aggressive, and the attack methods are more flexible. Hijacking to steal cryptocurrency attacks has become a new threat, it has reached the attack expectations of attackers: anonymity, ease of deployment, low risk, and high returns. Enterprises need to use real-time threat intelligence to detect this new threat and detect these before further damage is done. Malicious behavior.”
From the survey data, the security of Windows 10 is almost double that of Windows 7. However, the migration rate is very low. At the end of 2017, only 32% of enterprise types of equipment have been upgraded to newer operating systems.
In addition, phishing attacks have become more targeted and they have begun to use social engineering and IP masking methods to increase their intrusion success rate. On average, phishing websites only have 4-8 hours of online time, which means they are circumventing traditional anti-phishing tactics.
Source, Image: WebRoot
