Firewall News

Top Menu

  • Home
  • Our Blog
  • Contact Us

Main Menu

  • Software Updates
  • Alerts & Bugs
  • Out of the Box
  • Home
  • Our Blog
  • Contact Us

Firewall News

Firewall News

  • Software Updates
    • WatchGuard logo

      TDR 6.0.0 is now integrated into WatchGuard Cloud

      04/01/2021
      0
    • Sophos Logo

      XG Firewall 17.5 MR14 Released

      30/07/2020
      0
    • Sophos Logo

      Sophos Firewall Manager SFM 17.1 MR4 Released

      27/07/2020
      0
    • Sophos Logo

      Sophos Enterprise console - Endpoint Security and Control v10.8.9 for Windows has ...

      16/07/2020
      0
    • Sophos Logo

      Sophos iView v3 MR-2 Released

      07/07/2020
      0
    • Sophos Logo

      SD-RED Firmware 3.0.002 Pattern Update

      06/07/2020
      0
    • Sophos Logo

      XG Firewall 17.5 MR13 Released

      06/07/2020
      0
    • Sophos Logo

      End-of-Life (EoL) announcement for old firmware v17 and v17.1 for XG Firewall

      03/07/2020
      0
    • WatchGuard logo

      Fireware 12.5.4 Now Available

      01/07/2020
      0
  • Alerts & Bugs
    • Sophos Logo

      Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

      29/03/2022
      0
    • Sophos Logo

      Sophos: Important Product Lifecycle Updates

      03/03/2022
      0
    • WatchGuard logo

      WatchGuard Support Alert

      23/02/2022
      0
    • Sophos Logo

      Sophos: Important Product Lifecycle Reminder

      03/02/2022
      0
    • Sophos Logo

      Sophos: Product Lifecycle Information: Extended Support for Windows 7 and Windows Server ...

      31/01/2022
      0
    • Sophos Logo

      End-of-Life (EoL) announcement for Sophos SSL VPN Client

      29/11/2021
      0
    • WatchGuard logo

      WatchGuard: macOS Monterey 12.0.1 Does Not Support the AuthPoint Logon App

      09/11/2021
      0
    • Sophos Logo

      Sophos UTM Manager (SUM) End of Distribution

      04/11/2021
      0
    • WatchGuard logo

      WatchGuard: End of Sale Notice: AP420

      01/11/2021
      0
  • Out of the Box
    • WatchGuard’s Firebox T80 Earns 5-Star Rating in SC Labs Review

      17/11/2020
      0
    • WatchGuard Wins Big in CRN 2020 Tech Innovator Awards

      16/11/2020
      0
    • Coronavirus scams: what to look for and how to stop them

      02/04/2020
      0
    • Dell SonicWALL TZ 300

      Out the Box - Dell SonicWALL TZ 300

      05/07/2016
      0
    • Dell SonicWALL TZ SOHO

      Out the Box - Dell SonicWALL TZ SOHO

      05/07/2016
      0
    • WatchGuard Firebox T50

      WatchGuard Firebox T50

      31/03/2016
      0
    • WatchGuard Firebox M200

      WatchGuard Firebox M200

      31/03/2016
      0
NewsWatchGuard
Home›News›New Security Report from WatchGuard Technologies Shows Explosion in Evasive Malware in Q4 2019

New Security Report from WatchGuard Technologies Shows Explosion in Evasive Malware in Q4 2019

By admin
24/03/2020
1265
0
Share:
WatchGuard logo

Report finds macOS adware and a 2017 Excel exploit running rampant, and includes an analysis of keylogger malware used in coronavirus-related phishing attacks.

SEATTLE – March 24, 2020 – WatchGuard® Technologies, a global leader in network security and intelligence, secure Wi-Fi and multi-factor authentication, today announced the release of its Internet Security Report for Q4 2019. It found that evasive malware grew to record high levels; over two-thirds of malware detected by WatchGuard’s Firebox security appliances in Q4 2019 evaded signature-based antivirus solutions. Obfuscated or evasive malware is becoming the rule, not the exception, and companies of all sizes desperately need to deploy advanced anti-malware solutions that can detect and block these attacks.

In addition, WatchGuard found widespread phishing campaigns exploiting a Microsoft Excel vulnerability from 2017. This ‘dropper’ malware downloads several other types of malware onto victims’ systems, including a keylogger named Agent Tesla that was also used in phishing attacks in February 2020 that preyed on fears of a coronavirus outbreak.

“Our findings from Q4 show that threat actors are always evolving their attack methods,” said Corey Nachreiner, chief technology officer at WatchGuard. “With over two-thirds of malware in the wild obfuscated to sneak past signature-based defenses, and innovations like Mac adware on the rise, businesses of all sizes need to invest in multiple layers of security. Advanced AI or behavioral-based anti-malware technology and robust phishing protection like DNS filtering will be especially crucial.”

WatchGuard’s Internet Security Report prepares businesses, service providers and end users with the data, trends, research and best practices they need to defend against today’s security threats. Here are the key findings from the Q4 2019 report:

  • Evasive malware made up 68% of total malware in Q4 2019 – This is a dramatic increase from the year-long average of 35% for 2019. WatchGuard UTM appliances have three anti-malware services; a signature-based antivirus, a machine-learning detection engine called IntelligentAV and a behavioral-based solution called APT Blocker. Malware is considered to be evasive when it makes it through the signature-based AV but is caught by one of the other two.
  • Microsoft Excel exploit still being heavily used – A vulnerability from 2017, this exploit was number seven on WatchGuard’s top ten malware list, and targeted Great Britain, Germany and New Zealand heavily. It is delivered via a phishing attack and exploits macros to download and install other types of malware including keyloggers like Agent Tesla and trojans like Razy.
  • Analysis of the Agent Tesla keylogger used in coronavirus phishing attacks – WatchGuard’s report includes an analysis of the Agent Tesla keylogger used in phishing attacks in February 2020 that aimed to manipulate fears around the coronavirus. Agent Tesla is one of several pieces of malware delivered via the aforementioned Microsoft Excel dropper malware.
  • Mac adware jumps in popularity in Q4 – One of the top compromised websites WatchGuard detected in Q4 2019 hosts a macOS adware called Bundlore that masquerades as an Adobe Flash update. This lines up with a MalwareBytes report from February 2020 that showed a rise in Mac malware, particularly adware.
  • SQL injection attacks became the top network attack in 2019 – SQL injection attacks rose an enormous 8000% in total between 2018 and 2019, becoming the most common network attack of the year by a significant margin.
  • Hackers increasingly using automated malware distribution – Many attacks hit 70 to 80 percent of all Fireboxes in a single country, suggesting attackers are automating their attacks more frequently.

The findings included in WatchGuard’s Internet Security Report are drawn from anonymized Firebox Feed data from active WatchGuard UTM appliances whose owners have opted in to share data to support the Threat Lab’s research efforts. Today, over 40,000 appliances worldwide contribute threat intelligence data to the report. In Q4 2019, they blocked over 34,500,000 malware variants in total (859.5 samples per device) and approximately 1,879,000 network attacks (47 attacks per device).

The complete report also includes key defensive best practices that organizations of all sizes can use to protect themselves in today’s threat landscape and a detailed analysis the MageCart JavaScript malware used in the Macy’s payment card data breach in October 2019.

For more information, download the full report here

Previous Article

Simple Steps to Protect You Against COVID-19 ...

Next Article

SonicWALL latest awards

0
Shares
  • 0
  • +
  • 0
  • 0
  • 0
  • 0

Related articles More from author

  • NewsSonicWALL

    SonicWall Secures 3 Spots on Annual CRN Channel Chief List

    12/02/2020
    By admin
  • Sophos Leader Endpoint
    News

    Sophos is a leader in the Endpoint Protection Platform Magic Quadrant

    31/01/2018
    By admin
  • BarracudaNews

    What’s new in Barracuda CloudGen Firewall Release 8

    10/09/2019
    By admin
  • Sophos Logo
    NewsSophos

    Media Alert: SophosLabs Details Morphing Components of MyKings Cryptominer

    18/12/2019
    By admin
  • Sophos Logo
    NewsSophos

    Media Alert: Sextortion Money Trail Leads to Underbelly of Cybercriminal Activity, According to SophosLabs Report

    22/04/2020
    By admin
  • WatchGuard logo
    NewsWatchGuard

    Champion at “VPN” and “Endpoint Protection”

    18/01/2021
    By admin

  • Sophos XG Firewall Delivering
    News

    Sophos XG Firewall: delivering industry firsts

  • Intercept X - data scientist view
    News

    Sophos – Intercept X: the data scientist’s view

  • WatchGuard logo
    News

    WatchGuard Preventing Ransomware Attacks with Host Ransomware Prevention

Timeline

  • 29/03/2022

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

  • 03/03/2022

    Sophos: Important Product Lifecycle Updates

  • 01/03/2022

    Shoring up your cybersecurity posture in light of ongoing crisis

  • 23/02/2022

    WatchGuard Support Alert

  • 03/02/2022

    Sophos: Important Product Lifecycle Reminder

Sponsored Links

Latest Comments

  • Paul Sillars
    on
    21/06/2016
    I received this in an email this morning, it was the first I heard about it ...

    Dell Software Group sold to help fund looming EMC deal

  • Paul Sillars
    on
    20/06/2016
    This is going to be an interesting one to watch. Especially after today's announcement that ...

    Ingram Micro gets distribution access to Dell’s security range in Australia

Find us on Facebook

Firewall.News Logo

This site serves more as a reference point for some of the major security vendor's updates and product/press releases

It will never be a definitive list, but it helps our customers keep up to date and also allows us to express our comment and observations as well.

About us

  • PO Box 451, North Lakes, Queensland, 4509, Australia
  • [email protected]
  • Recent

  • Popular

  • Comments

  • Sophos Logo

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

    By admin
    29/03/2022
  • Sophos Logo

    Sophos: Important Product Lifecycle Updates

    By admin
    03/03/2022
  • Shoring up your cybersecurity posture in light of ongoing crisis

    By admin
    01/03/2022
  • WatchGuard logo

    WatchGuard Support Alert

    By admin
    23/02/2022
  • Dell SonicWALL Supermassive

    Ingram Micro gets distribution access to Dell’s security range in Australia

    By admin
    14/06/2016
  • Francisco Partners and Elliott Management to Acquire the Dell Software Group

    Dell Software Group sold to help fund looming EMC deal

    By admin
    21/06/2016
  • WatchGuard Firebox M500 – The Cure for HTTPS Performance Headaches

    By admin
    05/03/2015
  • Sophos Logo

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

    By admin
    29/03/2022
  • Paul Sillars
    on
    21/06/2016

    Dell Software Group sold to help fund looming EMC deal

    I received this in ...
  • Paul Sillars
    on
    20/06/2016

    Ingram Micro gets distribution access to Dell’s security range in Australia

    This is going to ...

Follow Me

  • Contact
  • About Us
  • Home