With today’s dynamic threat environment, security professionals need insight on the latest threats and adversary techniques, as well as perspective on what is most significant over a broader population and time frame. Invincea’s semiannual threat report documents the noteworthy threats we observe, often weeks before other security firms due to our non-signature-based sensors deployed across our global user base. With two million users worldwide, Invincea has a uniquely broad view into the latest malware and attack vectors.
This report highlights five trends and events that dominated threat activity in the first half of the year:
- The billion dollar malvertising problem
- The rapid emergence of Just-in-Time Malware assembly
- The evolution of weaponized Office attachments
- The ongoing Fessleak ransomware and click-fraud campaign
- White House and Anthem breaches: Advanced adversaries, commonplace approaches
These threats are notable because they evaded every other security control present in the enterprise – network sandbox, next-generation firewall, network IPS/IDS, Web URL filtering and proxy, anti-virus, and other technologies. Only Invincea Advanced Endpoint Protection stopped these attacks. Enterprise security teams are encouraged to focus the most attention on these risks during the balance of 2015 and 2016.
2015 Energy Industry Cybersecurity Report
Strategic Cybersecurity: A Toolkit for Prioritizing, Coordinating, and Transforming Your Cybersecurity Program