Vulnerabilities / Threats

6/15/2018
01:01 PM
50%
50%

Email, Social Media Still Security Nightmares

Phishing and banking trojans continue to be major threats brought into the enterprise.

Users are going to click on sketchy links, download iffy files, and go to dangerous web sites. And there's not a whole lot you can do about it. Those are just some of the conclusions in a threat report released on June 14.

The "Q1 2018 Quarterly Threat Report" published by ProofPoint shows that the old favorites are returning, as banking trojans replaced ransomware as the most common type of email-borne malware seen on user desktops. The shift appears, according to the report, to be due to a combination of a disruption to the Necurs botnet and the rise of other, more profitable, malware payloads.

In addition, social media support fraud, dubbed "angler phishing" saw a massive increase in the first quarter of 2018, appearing 200% more frequently than in the previous quarter. Looking for good news? Find it in exploit kits, which are rapidly and consistently declining in popularity as malware authors find other attacks to be easier and more profitable.

For more, read here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
BrianN060
50%
50%
BrianN060,
User Rank: Ninja
6/15/2018 | 2:35:49 PM
Email and social media security nightmares
Doubt if any readers here expected latest report to say differently.  Technology can help; don't expect comprehensive technical solutions.  Perhaps the first important step toward improving the situation is to recognize that despite the obvious technological aspects, email and social media are methods of human communication.  Start with looking more closely at how the nature of communication (rather than the means), have changed.  Consider what communication assumptions and expectations were before email and social media; then examine how that mindset and those habits have been exploited in the new environment.  Above all, keep in mind that every message sent and received via email or through social media is not from or to anyone.  That is often the assumption, and nearly always the intent; but in reality, it's all to and from devices - which we presume to be direct and exclusive conduits to some real person. 
White House Cybersecurity Strategy at a Crossroads
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/17/2018
The Fundamental Flaw in Security Awareness Programs
Ira Winkler, CISSP, President, Secure Mentem,  7/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-14492
PUBLISHED: 2018-07-21
Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, and AC10 through V15.03.06.23_CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an unspecified /goform URI.
CVE-2018-3770
PUBLISHED: 2018-07-20
A path traversal exists in markdown-pdf version <9.0.0 that allows a user to insert a malicious html code that can result in reading the local files.
CVE-2018-3771
PUBLISHED: 2018-07-20
An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser.
CVE-2018-5065
PUBLISHED: 2018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
CVE-2018-5066
PUBLISHED: 2018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.