Firewall News

Top Menu

  • Home
  • Our Blog
  • Contact Us

Main Menu

  • Software Updates
  • Alerts & Bugs
  • Out of the Box
  • Home
  • Our Blog
  • Contact Us

Firewall News

Firewall News

  • Software Updates
    • WatchGuard logo

      TDR 6.0.0 is now integrated into WatchGuard Cloud

      04/01/2021
      0
    • Sophos Logo

      XG Firewall 17.5 MR14 Released

      30/07/2020
      0
    • Sophos Logo

      Sophos Firewall Manager SFM 17.1 MR4 Released

      27/07/2020
      0
    • Sophos Logo

      Sophos Enterprise console - Endpoint Security and Control v10.8.9 for Windows has ...

      16/07/2020
      0
    • Sophos Logo

      Sophos iView v3 MR-2 Released

      07/07/2020
      0
    • Sophos Logo

      SD-RED Firmware 3.0.002 Pattern Update

      06/07/2020
      0
    • Sophos Logo

      XG Firewall 17.5 MR13 Released

      06/07/2020
      0
    • Sophos Logo

      End-of-Life (EoL) announcement for old firmware v17 and v17.1 for XG Firewall

      03/07/2020
      0
    • WatchGuard logo

      Fireware 12.5.4 Now Available

      01/07/2020
      0
  • Alerts & Bugs
    • Sophos Logo

      Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

      29/03/2022
      0
    • Sophos Logo

      Sophos: Important Product Lifecycle Updates

      03/03/2022
      0
    • WatchGuard logo

      WatchGuard Support Alert

      23/02/2022
      0
    • Sophos Logo

      Sophos: Important Product Lifecycle Reminder

      03/02/2022
      0
    • Sophos Logo

      Sophos: Product Lifecycle Information: Extended Support for Windows 7 and Windows Server ...

      31/01/2022
      0
    • Sophos Logo

      End-of-Life (EoL) announcement for Sophos SSL VPN Client

      29/11/2021
      0
    • WatchGuard logo

      WatchGuard: macOS Monterey 12.0.1 Does Not Support the AuthPoint Logon App

      09/11/2021
      0
    • Sophos Logo

      Sophos UTM Manager (SUM) End of Distribution

      04/11/2021
      0
    • WatchGuard logo

      WatchGuard: End of Sale Notice: AP420

      01/11/2021
      0
  • Out of the Box
    • WatchGuard’s Firebox T80 Earns 5-Star Rating in SC Labs Review

      17/11/2020
      0
    • WatchGuard Wins Big in CRN 2020 Tech Innovator Awards

      16/11/2020
      0
    • Coronavirus scams: what to look for and how to stop them

      02/04/2020
      0
    • Dell SonicWALL TZ 300

      Out the Box - Dell SonicWALL TZ 300

      05/07/2016
      0
    • Dell SonicWALL TZ SOHO

      Out the Box - Dell SonicWALL TZ SOHO

      05/07/2016
      0
    • WatchGuard Firebox T50

      WatchGuard Firebox T50

      31/03/2016
      0
    • WatchGuard Firebox M200

      WatchGuard Firebox M200

      31/03/2016
      0
NewsWatchGuard
Home›News›WatchGuard Report Details COVID-19 Impact on Security Threat Landscape

WatchGuard Report Details COVID-19 Impact on Security Threat Landscape

By admin
09/12/2020
470
0
Share:
WatchGuard logo

Q3 2020 Internet Security Report sheds light on COVID-19 threat trends, growing network attacks, malware targeting U.S. SCADA systems, and more

Body

SEATTLE – December 9, 2020 –WatchGuard® Technologies, a global leader in network security and intelligence, advanced endpoint protection, multi-factor authentication and secure Wi-Fi, today announced the release of its Internet Security Report for Q3 2020. Top findings from the research reveal how COVID-19 has impacted the security threat landscape, with evidence that attackers continue to target corporate networks despite the shift to remote work, and a rise in pandemic-related malicious domains and phishing campaigns.

“As the impact of COVID-19 continues to unfold, our threat intelligence provides key insight into how attackers are adjusting their tactics,” said Corey Nachreiner, chief technology officer at WatchGuard. “While there’s no such thing as ‘the new normal’ when it comes to security, businesses can be sure that increasing protection for both the endpoint and the network will be a priority in 2021 and beyond. It will also be important to establish a layered approach to information security, with services that can mitigate evasive and encrypted attacks, sophisticated phishing campaigns and more.”

WatchGuard’s Internet Security Reports inform businesses, their partners and end customers with hard data, expert analysis and actionable insights on the latest malware and network attack trends as they emerge and influence the ever-evolving threat landscape. Key findings from the Q3 2020 report include:
 

  • Network attacks and unique detections both hit two-year highs – Network attacks swelled to more than 3.3 million in Q3, representing a 90% increase over the previous quarter and the highest level in two years. Unique network attack signatures also continued on an upward trajectory, reaching a two-year high in Q3 as well. These findings highlight the fact that businesses must prioritize maintaining and strengthening protections for network-based assets and services, even as workforces become increasingly remote.
  • COVID-19 scams grow in prevalence – In Q3, a COVID-19 adware campaign running on websites used for legitimate pandemic support purposes made WatchGuard’s list of the top 10 compromised websites. WatchGuard also uncovered a phishing attack that leverages Microsoft SharePoint to host a pseudo-login page impersonating the United Nations (UN), and the email hook contained messaging around small business relief from the UN due to COVID-19. These findings further emphasize that attackers will continue to leverage the fear, uncertainty, and doubt surrounding the global health crisis to entice and fool their victims.
  • Businesses click on hundreds of phishing attacks and bad links – In Q3, WatchGuard’s DNSWatch service blocked a combined 2,764,736 malicious domain connections, which translates to 499 blocked connections per organization in total. Breaking it down further, each organization would have reached 262 malware domains, 71 compromised websites, and 52 phishing campaigns. Combined with the aforementioned rise in convincing COVID-19 scams, these findings illustrate the importance of deploying DNS filtering services and user security awareness training.
  • Attackers probe for vulnerable SCADA systems in the U.S. – The one new addition to WatchGuard’s most-widespread network attacks list in Q3 exploits a previously patched authentication bypass vulnerability in a popular supervisory control and data acquisition (SCADA) control system. While this class of vulnerability isn’t as serious as a remote code execution flaw, it could still allow an attacker to take control of the SCADA software running on the server. Attackers targeted nearly 50% of U.S. networks with this threat in Q3, highlighting that industrial control systems could be a major focus area for bad actors in the coming year.
  • LokiBot look-a-like debuts as a top widespread malware variant– Farelt, a password stealer that resembles LokiBot, made its way into WatchGuard’s top five most-widespread malware detections list in Q3. Though it is unclear if the Farelt botnet uses the same command and control structure as LokiBot, there’s a high probability the same group, SilverTerrier, created both malware variants. This botnet takes many steps to bypass antivirus controls and fool users into installing the malware. While researching the threat, WatchGuard found strong evidence indicating the malware has likely targeted many more victims than the data suggests.
  • Emotet persists – Emotet, a prolific banking trojan and known password stealer, made its debut on WatchGuard’s top ten malware list for the first time in Q3 and narrowly missed the top ten list of domains distributing malware (by only a few connections). Despite coming in at #11 for the latter list, this appearance is particularly notable, as the WatchGuard Threat Lab and other research teams have seen current Emotet infections dropping additional payloads like Trickbot and even the Ryuk ransomware with no signs of slowing down.

WatchGuard’s quarterly research reports are based on anonymized Firebox Feed data from active WatchGuard appliances whose owners have opted in to share data to support the Threat Lab’s research efforts. In Q3, nearly 48,000 WatchGuard appliances contributed data to the report (the most ever), blocking a total of more than 21.5 million malware variants (450 per device) and more than 3.3 million network threats (or roughly 70 detections per appliance). Firebox appliances continued their upward trend of unique signature detections as well, collectively identifying and blocking 438 unique attack signatures – a 6.8% increase over Q2 and the most since Q4 2018.

The complete report includes in-depth research and key defensive best practices that businesses of all sizes can use to protect themselves against modern security threats. The report also features a detailed analysis of the historic Twitter hack that compromised 130 high-profile accounts to promote a Bitcoin scam in July 2020.

Read WatchGuard’s full Q3 2020 Internet Security Report here today: https://www.watchguard.com/wgrd-resource-center/security-report-q3-2020.

Previous Article

TDR Outage in EU

Next Article

Advisory: Sophos Central Maintenance scheduled for Saturday, ...

0
Shares
  • 0
  • +
  • 0
  • 0
  • 0
  • 0

Related articles More from author

  • Fortinet
    FortinetNews

    Fortinet Again Named as a Leader in the 2020 Gartner Magic Quadrant for Network Firewalls

    13/11/2020
    By admin
  • Fortinet
    FortinetNews

    Fortinet Advanced Endpoint Security Blocks 100% of Malware in AV-Comparatives Real-World Protection Test

    03/06/2020
    By admin
  • BarracudaNews

    Threat Spotlight: Conversation Hijacking

    16/01/2020
    By admin
  • Sophos Safeguard Encryption
    News

    Sophos – Safeguard Encryption “worth checking out” says SC Magazine

    16/01/2019
    By admin
  • NewsWatchGuard

    CRN Recognizes WatchGuard Leaders in its Women of the Channel and Power 100 lists for 2020

    12/05/2020
    By admin
  • Sophos Logo
    NewsSophos

    Media Alert: SophosLabs Reports on 30 Fleeceware Apps Targeting iPhones

    08/04/2020
    By admin

  • Fortinet
    FortinetNews

    Customers Choose Fortinet Secure SD-WAN for True WAN Edge Transformation

  • WatchGuard logo
    Software UpdatesWatchGuard

    TDR 6.0.0 is now integrated into WatchGuard Cloud

  • FortinetNews

    Fortinet Expands Integration of Cloud Security Offerings with Microsoft Azure to Provide Advanced Protection

Timeline

  • 29/03/2022

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

  • 03/03/2022

    Sophos: Important Product Lifecycle Updates

  • 01/03/2022

    Shoring up your cybersecurity posture in light of ongoing crisis

  • 23/02/2022

    WatchGuard Support Alert

  • 03/02/2022

    Sophos: Important Product Lifecycle Reminder

Sponsored Links

Latest Comments

  • Paul Sillars
    on
    21/06/2016
    I received this in an email this morning, it was the first I heard about it ...

    Dell Software Group sold to help fund looming EMC deal

  • Paul Sillars
    on
    20/06/2016
    This is going to be an interesting one to watch. Especially after today's announcement that ...

    Ingram Micro gets distribution access to Dell’s security range in Australia

Find us on Facebook

Firewall.News Logo

This site serves more as a reference point for some of the major security vendor's updates and product/press releases

It will never be a definitive list, but it helps our customers keep up to date and also allows us to express our comment and observations as well.

About us

  • PO Box 451, North Lakes, Queensland, 4509, Australia
  • [email protected]
  • Recent

  • Popular

  • Comments

  • Sophos Logo

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

    By admin
    29/03/2022
  • Sophos Logo

    Sophos: Important Product Lifecycle Updates

    By admin
    03/03/2022
  • Shoring up your cybersecurity posture in light of ongoing crisis

    By admin
    01/03/2022
  • WatchGuard logo

    WatchGuard Support Alert

    By admin
    23/02/2022
  • Dell SonicWALL Supermassive

    Ingram Micro gets distribution access to Dell’s security range in Australia

    By admin
    14/06/2016
  • Francisco Partners and Elliott Management to Acquire the Dell Software Group

    Dell Software Group sold to help fund looming EMC deal

    By admin
    21/06/2016
  • WatchGuard Firebox M500 – The Cure for HTTPS Performance Headaches

    By admin
    05/03/2015
  • Sophos Logo

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

    By admin
    29/03/2022
  • Paul Sillars
    on
    21/06/2016

    Dell Software Group sold to help fund looming EMC deal

    I received this in ...
  • Paul Sillars
    on
    20/06/2016

    Ingram Micro gets distribution access to Dell’s security range in Australia

    This is going to ...

Follow Me

  • Contact
  • About Us
  • Home