MALWARE IS SO 2017: FIVE SECURITY TRENDS TO WATCH OUT FOR

“Security and risk management leaders have operated in the shadows for a long time. Now it’s their opportunity to shine,” said Peter Firstbrook, research vice president at Gartner. “If they exploit emerging trends and build a strong security program, they can keep their organization safe and significantly elevate their standing.”

Remember when several massive ransomware attacks went global and hit many big businesses? Outbreaks such as Petya and WannaCry really put the malware threat on the IT agenda and made cybersecurity a priority for everyone. But it doesn’t stop with malware: there are many more security threats out there. The attackers’ arsenal is expanding and becoming more complex. Fredrik Svantes, Senior Information Security Manager at Basefarm, discussed with us the latest developments that keep the cybersecurity community busy.

1. Use of standard tools by attackers

Many companies have become much more aware of the need to be secure. Greater cybersecurity efforts have made it harder for attackers to remain undetected while they are inside their target’s network. In its recent annual report, the Dutch national intelligence agency AIVD reports an increase in the use of standard tools for attacks, some from nations dabbling in digital espionage. Fredrik Svantes sees this happening more and more: “Attackers don’t want to get caught while stealing valuable data. High-profile targets deploy many security systems, malware detection systems for example. If attackers use specific ‘hacker tools’ in their reconnaissance phase, this will raise a red flag. So, they opt for standard Windows tools, like Microsoft PowerShell, to look around in the network.”

2. Big data becomes a security system

How do you keep out attackers who use standard tools? Basically, this comes down to establishing a baseline for how employees use their systems. This is where big data analytics comes into the picture, as it can help detect anomalies. “For instance, technicians will have certain work routines, while people in the finance department have a different workflow. When suddenly someone in the finance department opens PowerShell, this is not standard behavior. This will trigger warning signals even though it just happens to be a standard Windows application.” Users with high security risks, such as governments and companies with significant volumes of IP or critical data to protect, rely especially on big data for security. Svantes: “Facebook does so for sure.”
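The baseline idea described above, as an added example that is not from the original article or from Basefarm: it learns which processes are normal per department and flags a standard tool that is rare for the user's department. The event tuples, user names, department labels and the 0.25 threshold are constructed assumptions.

```python
from collections import defaultdict

# Constructed process-creation events: (user, department, process image).
BASELINE_EVENTS = [
    ("anna", "it", "powershell.exe"), ("anna", "it", "mmc.exe"),
    ("ben", "it", "powershell.exe"), ("ben", "it", "excel.exe"),
    ("carl", "finance", "excel.exe"), ("carl", "finance", "outlook.exe"),
    ("dina", "finance", "excel.exe"), ("erik", "finance", "outlook.exe"),
]
NEW_EVENTS = [
    ("anna", "it", "powershell.exe"),       # routine for a technician
    ("carl", "finance", "excel.exe"),       # routine for finance
    ("dina", "finance", "powershell.exe"),  # standard tool, unusual department
    ("ben", "it", "excel.exe"),             # seen for half of IT, not rare
]

def build_baseline(events):
    """Map (department, process) to the share of that department's users
    who ran the process during the baseline period."""
    ran = defaultdict(set)         # (dept, proc) -> users who ran it
    dept_users = defaultdict(set)  # dept -> all users seen
    for user, dept, proc in events:
        ran[(dept, proc.lower())].add(user)
        dept_users[dept].add(user)
    return {key: len(users) / len(dept_users[key[0]])
            for key, users in ran.items()}

def score_events(baseline, events, threshold=0.25):
    """Return events whose process is rare (below threshold) or unseen
    for the user's department, with the observed prevalence."""
    alerts = []
    for user, dept, proc in events:
        prevalence = baseline.get((dept, proc.lower()), 0.0)
        if prevalence < threshold:
            alerts.append((user, dept, proc, prevalence))
    return alerts

if __name__ == "__main__":
    baseline = build_baseline(BASELINE_EVENTS)
    for alert in score_events(baseline, NEW_EVENTS):
        print("ALERT: %s (%s) ran %s, department prevalence %.2f" % alert)
```

The same process name scores differently depending on who runs it, which is why a signature for the tool itself would not work here.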

3. Security professionals are hard to find

Organizations looking to hire security professionals find themselves competing in a fierce market. “If you need security personnel in about a year, you’d better start recruiting them now,” says Svantes. “You can’t start recruiting just three months before an important project.” Although the situation might be improving, with several top European universities introducing security education programs, right now the lack of experts is a huge problem. For most companies, the best immediate bet is to look for external partners who can help to secure their IT. “Not every company needs a team of security professionals, but what everyone does need is people who are security aware. For example, developers should have security in the back of their minds while working on their projects.”

4. Your servers turn into secret bitcoin miners

Regardless of the market you operate in, an emerging trend is criminals using compromised servers for crypto mining, which requires large amounts of computing power. “To have a single server mining for cryptocurrency is not very efficient, but it adds up when you have thousands of compromised servers working for you. Because crypto mining networks use substantial resources, the increase of resource usage can often set off alarm bells if proper detection measures are in place.” How can attackers be kept out? Most importantly, make sure your systems are up to date. Don’t leave things unpatched or run old versions of software. And of course: don’t click on everything you see. Attackers still see e-mail scams as an attractive “way in”.
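One way to turn the resource-usage signal mentioned above into an alert, as an added example that is not from the original article: each host's recent CPU samples are compared with its own history, and only a sustained run above the limit is reported so that a single short spike is ignored. Host names, sample values and the parameters k and min_run are constructed assumptions.

```python
from statistics import mean, pstdev

# Constructed CPU utilisation samples in percent: (history, recent) per host.
HOSTS = {
    "web01": ([12, 15, 11, 14, 13, 16, 12, 15],
              [14, 55, 13, 15, 92, 95, 97, 96, 94, 16]),
    "db01": ([20, 22, 19, 21, 20, 18, 21, 19],
             [20, 22, 80, 21, 19]),
}

def sustained_cpu_anomalies(history, recent, k=3.0, min_run=3):
    """Return (start_index, length) for each run of at least min_run
    consecutive recent samples above mean(history) + k * sigma."""
    # Floor sigma at 1.0 so a very flat history does not alert on noise.
    limit = mean(history) + k * max(pstdev(history), 1.0)
    runs, start = [], None
    # The sentinel closes a run that lasts until the final sample.
    for i, value in enumerate(list(recent) + [float("-inf")]):
        if value > limit:
            if start is None:
                start = i
        else:
            if start is not None and i - start >= min_run:
                runs.append((start, i - start))
            start = None
    return runs

def flag_hosts(hosts, **kwargs):
    """Return {host: runs} for hosts with at least one sustained run."""
    flagged = {}
    for host, (history, recent) in hosts.items():
        runs = sustained_cpu_anomalies(history, recent, **kwargs)
        if runs:
            flagged[host] = runs
    return flagged

if __name__ == "__main__":
    for host, runs in flag_hosts(HOSTS).items():
        print(host, "sustained high CPU at (start, length):", runs)
```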

5. A shift from prevention to detection

“It’s one thing to try to protect your company, but there is no way to be 100% protected,” Svantes states. “The past couple of years have witnessed a strong focus on preventing attacks from happening. But now, many companies are waking up to the fact that they can only prevent so much. What they can do, however, is try to detect intrusions as soon as they happen.” In a world of changing threats and compute-everywhere environments, the old security paradigm of just building bigger walls will be replaced by a continuum from block to allow. Machine learning is becoming the key technology for predicting, detecting and preventing known and unknown threats. According to Gartner, deploying threat detection and response tools is a top priority for Chief Information Security Officers (CISOs). These investments can make a big difference. A recent report published by the US Ponemon Institute calculates that when an intrusion is found in less than 100 days, the average cost is $2.8 million. When detection takes longer than 100 days, the expense jumps to $3.8 million.

Want more information?

Read more about our emphasis on security here, our security standards here and our security services here!

Cybersecurity Updates For Week 17 of 2022

April 29, 2022/in Security blog /by Sjir Bagmeijer

New Nimbuspwn Linux vulnerability gives hackers root privileges
A new set of vulnerabilities collectively tracked as Nimbuspwn could let local attackers escalate privileges on Linux systems to deploy malware ranging from backdoors to ransomware.
Read more: https://www.bleepingcomputer.com/news/security/new-nimbuspwn-linux-vulnerability-gives-hackers-root-privileges/

Security alert: Attack campaign involving stolen OAuth user tokens issued to two third-party integrators
On April 12, GitHub […]


Cybersecurity Updates For Week 16 of 2022

April 22, 2022/in Security blog /by Sjir Bagmeijer

CVE-2021-3970, CVE-2021-3971, CVE-2021-3972: Lenovo UEFI Firmware Vulnerabilities
Security company ESET discovered 3 new vulnerabilities in the UEFI firmware of Lenovo laptops which affected hundreds of Lenovo models including Lenovo Flex; IdeaPads; Legion; V14, V15, and V17 series; and Yoga laptops.
Read more: https://securityonline.info/cve-2021-3970-lenovo-uefi-firmware-vulnerabilities/

Hackers Are Getting Caught Exploiting New Bugs More Than Ever
A pair […]


Cybersecurity Updates For Week 15 of 2022

April 15, 2022/in Security blog /by Sjir Bagmeijer

Microsoft Issues Patches for 2 Windows Zero-Days and 126 Other Vulnerabilities
Microsoft’s Patch Tuesday updates for the month of April have addressed a total of 128 security vulnerabilities spanning across its software product portfolio, including Windows, Defender, Office, Exchange Server, Visual Studio, and Print Spooler, among others.
Read more: https://thehackernews.com/2022/04/microsoft-issues-patches-for-2-windows.html

Menswear Brand Zegna Reveals Ransomware […]


Cybersecurity Updates For Week 14 of 2022

April 8, 2022/in Security blog /by Sjir Bagmeijer

Cado Discovers Denonia: The First Malware Specifically Targeting Lambda
Cado Labs routinely analyses cloud environments to look for the latest threats. As part of ongoing research, we found the first publicly-known case of malware specifically designed to execute in an AWS Lambda environment.
Read more: https://www.cadosecurity.com/cado-discovers-denonia-the-first-malware-specifically-targeting-lambda/

VMware Patches Multiple Vulnerabilities in Workspace ONE, Identity and […]


Cybersecurity Updates For Week 13 of 2022

April 1, 2022/in Security blog /by Sjir Bagmeijer

Spring Core on JDK9+ is vulnerable to remote code execution
Spring Core on JDK9+ is vulnerable to remote code execution due to a bypass for CVE-2010-1622. At the time of writing, this vulnerability is unpatched in Spring Framework and there is a public proof-of-concept available. As we have remediation advice for customers (see below), we […]


Cybersecurity Updates For Week 12 of 2022

March 25, 2022/in Security blog /by Sjir Bagmeijer

Okta’s Investigation of the January 2022 Compromise
On March 22, 2022, nearly 24 hours ago, a number of screenshots were published online that were taken from a computer used by one of Okta’s third-party customer support engineers.
Read more: https://www.okta.com/blog/2022/03/oktas-investigation-of-the-january-2022-compromise/

Microsoft confirms Lapsus$ breach after hackers publish Bing, Cortana source code
Microsoft has confirmed that […]


Cybersecurity Updates For Week 11 of 2022

March 18, 2022/in Security blog /by Sjir Bagmeijer

High-Severity DoS Vulnerability Patched in OpenSSL
OpenSSL updates announced on Tuesday patch a high-severity denial-of-service (DoS) vulnerability related to certificate parsing.
Read more: https://www.securityweek.com/high-severity-dos-vulnerability-patched-openssl

CISOs face ‘perfect storm’ of ransomware and state-supported cybercrime
With not just ransomware gangs raiding network after network, but nation states consciously turning a blind eye to it, today’s chief information […]


Cybersecurity Updates For Week 10 of 2022

March 11, 2022/in Security blog /by Sjir Bagmeijer

Intel and Arm CPUs have a major security flaw
A new Spectre class speculative execution vulnerability, called Branch History Injection (BHI) or Spectre-BHB, was jointly disclosed on Tuesday by VUSec security research group and Intel.
Read more: https://www.techspot.com/news/93706-arm-intel-cpus-vulnerable-new-spectre-style-attack.html

Microsoft tests new cloud-based Microsoft Defender for home users
Microsoft has announced that the company’s new cloud-based […]


Cybersecurity Updates For Week 9 of 2022

March 4, 2022/in Security blog /by Sjir Bagmeijer

DORA’s Global Reach and Why Enterprises Need to Prepare
A new cybersecurity regulation is coming to the European financial services sector, and its authority will be felt worldwide.
Read more: https://www.darkreading.com/risk/dora-s-global-reach-and-why-enterprises-need-to-prepare

Shadowserver Special Reports – Cyclops Blink
On 2022-03-03 we sent out a second special report with an additional 673 IPs likely infected with Cyclops […]


Cybersecurity Updates For Week 8 of 2022

February 25, 2022/in Security blog /by Sjir Bagmeijer

New Data-Wiping Malware Discovered on Systems in Ukraine
Researchers were scrambling to analyze a newly discovered piece of data-wiping malware found in the wild.
Read more: https://www.darkreading.com/attacks-breaches/new-data-wiping-malware-discovered-on-systems-in-ukraine

Notorious TrickBot Malware Gang Shuts Down its Botnet Infrastructure
The modular Windows crimeware platform known as TrickBot formally shuttered its infrastructure on Thursday after reports emerged of its […]
