Tag Archive for: security

Global malware surge revealed in WatchGuard’s latest Internet Security Report


A recent Internet Security Report revealed a significant surge in evasive malware, amplifying the total volume of malware globally. Global cybersecurity leader WatchGuard Technologies compiled the report, which also outlined crucial trends among top malware and both network and endpoint security threats, exploring data collected and analysed by their Threat Lab researchers.

Key findings showed threat actors increasingly exploiting on-premises email servers and a continuing decline in ransomware detections, potentially due to law enforcement’s concerted international efforts to dismantle ransomware extortion groups.

Corey Nachreiner, WatchGuard’s Chief Security Officer, stated that their latest research shows threat actors using various techniques to target vulnerabilities, especially in older software and systems. He emphasised, “Organisations must adopt a defence-in-depth approach to protect against such threats. Updating the systems and software on which organisations rely is a vital step toward addressing these vulnerabilities.”

Among the report’s key findings was a parallel increase in evasive, basic, and encrypted malware in Q4 2023, contributing to an overall rise in malware. The average malware detection per Firebox grew by 80% compared to the previous quarter, evidencing a significant volume of malware threats arriving at the network perimeter. Geographically, the Americas and the Asia-Pacific region experienced the most significant increase in malware instances.

TLS and zero-day malware instances were also noted to rise. Approximately 55% of malware arrived over encrypted connections, a 7% increase from Q3. Meanwhile, zero-day malware detections jumped to 60% of all malware detections, up from 22% the previous quarter. However, zero-day malware detections with TLS fell to 61%, exhibiting a 10% decrease from Q3, shedding light on the unpredictability of malware in the wild.

Two of the top five malware variants led users to the DarkGate network. JS.Agent.USF and Trojan.GenericKD.67408266, both in the top five, redirected users to malicious links. Both of these malware loaders also attempted to load DarkGate malware onto the victim’s computer.

A resurgence of…

Source…

Google Wallet adds ‘Verification settings’ to balance security and convenience


What you need to know

  • Google Wallet has added a new verification settings menu for Android devices.
  • This setting allows users to decide whether or not they need to be verified before paying for a ticket on public transport.
  • This will help to make Google Wallet even more secure.

The ability to store card details, transit passes, boarding passes, and contactless payments, means Google Wallet is a convenient way to save time.  Now, Google is working hard to make Wallet even more secure and user-friendly by introducing a new ‘Verification settings’ menu.

The new addition, as spotted by 9to5 Google, lets users decide whether or not verification is required, specifically when paying for a transit ticket. Under “Wallet settings” is the new “Security” heading, under which “Verification settings” are listed. When selected, the user can “choose if you’ll need to verify it’s you when using your items stored in Wallet.” 

At the moment, the only available option here is “Transit payments.” When the “verification required” toggle is on, Wallet will require “verification for paying for bus, metro, and more with a credit or debit card.” This means the usual options for a device include a PIN or fingerprint scan, for example.  

Screenshots of the new verification settings menu in Google Wallet

(Image credit: Phone Arena)

If a user already has a transit pass stored in Wallet, the toggle will be switched on by default. The wallet will then require verification before paying with their bank card. If no transit pass is stored, this option will be automatically turned off. 

Source…

Teams, Slack, and GitHub, oh my! – How collaborative tools can create a security nightmare


When building Teams security, first determine the level of risk your organization is willing to accept. For example, do you want Teams to be open to anonymous users or limit it strictly to internal users?

To adjust this setting, perform the following steps:

If you decide that guest access is to be allowed on your network, you need to be aware of the potential for Teams to be used as a means for attack. You can improve security by deploying more phishing-resistant authentication methods, such as number matching, rather than merely allowing automatic approval of the prompt.

Next, consider implementing Conditional Access rules. This requires additional licensing to implement but may be wise, as attackers turn more and more to using the cloud as a launching point for attacks.

Conditional access rules will allow you to restrict Microsoft 365 logins by using stronger authentication techniques as well as increasing the various strengths of built-in authentication: Multifactor authentication strength, Passwordless MFA strength, and Phishing-resistant MFA strength.

You may decide to limit your Teams interactions to approved domains rather than leaving it open to new and anonymous users. And of course, educating end users only to accept files from trusted partners is crucial.

Source…

Second Android 15 preview bolsters security to safeguard your files


What you need to know

  • Further digging into Google’s second Android 15 preview shows increased security efforts to protect devices connected via USB.
  • When attempting to switch USB modes, users will have to verify that it is them through various lock screen security methods.
  • Google detailed its second Android 15 preview yesterday (Mar. 21), offering insight into its satellite connectivity and more.

Google’s latest Android 15 preview gives users better insight into how it will protect your files when connected via USB.

According to Mishaal Rahman (Android Police), Android 15 Developer Preview 2 shows the software will require more “authentication” during USB-connected moments. To change which USB mode you’re in, Rahm discovered users must verify it’s truly them via lock screen measures such as their PIN, fingerprint, pattern, or password.

Source…