4/27/2018
03:00 PM
Dark Reading
Products and Releases

Endpoints Still Vulnerable to Breaches Despite Antivirus Tech Advancements: Survey

Petach Tikva, Israel – April 25, 2018 – Minerva Labs, a leading provider of anti-evasion technology for enterprise endpoints, today announced the results of a survey of 600 IT security professionals, which found that endpoint security solutions are failing to provide adequate protections to address today’s security threats, specifically malware. A majority of the respondents surveyed indicated a heightened concern about a major malware breach in the coming year and acknowledged that they require more than an antivirus (AV) solution on the endpoint to combat the rising threat.

After a year of massive ransomware outbreaks, NSA state-grade exploit leaks, and an extraordinary number of cybersecurity meltdowns, defenders are not getting ahead despite the continued innovation in endpoint security technologies. The uptick in attacks demonstrates that attackers are not standing still, and evasion methods are becoming increasingly accessible. In fact, nearly half of the respondents surveyed (48%) said that they have seen about the same number of malware infections as in previous years, while almost one-third (32%) claim to have seen an increase in malware infections. This further corresponds with the extent to which respondents feel their current endpoint defenses are protecting them against modern malware threats: three-quarters of respondents deemed their existing anti-malware solutions to be able to prevent no more than 70% of infections.

These findings demonstrate that today’s endpoint solutions cannot address sophisticated malware, specifically those threats that use evasion techniques.

According to the Minerva Labs survey, the malware evasion techniques that posed the biggest concern were avoidance of malware analysis and forensic tools (32%), followed by fileless or memory injection attacks (24%).

Attacks that use malicious documents also raised concerns (24%). Two-thirds of respondents (67%) were concerned that existing controls won't prevent a significant malware attack on the endpoints. Furthermore, the survey found that over half of the respondents (53%) preferred adding a meaningful layer to their endpoint security stack instead of completely replacing their existing AV.

Nearly 39% of IT leaders said that, besides security benefits, the operational aspect they find most important when adding a security layer on the endpoint is the ability for it to work even on low-resource systems. 28% said easy deployment and upgrades across multiple endpoints were important, while 18% valued the ability to not interfere with current business applications.

With the increase in ransomware and other malware threats, the time it takes to remediate these attacks is crucial to enterprises today. The good news is that 41% of respondents said that when faced with a compromised endpoint, within hours the endpoint is restored to a normal state. However, there is still some room for major improvements, as more than 40% said it takes days or weeks to return to a normal state.

“The results from our survey indicate that while malware threats are still growing, endpoints remain highly vulnerable to a cyber-attack,” said Eddy Bobritsky, Co-Founder & CEO of Minerva Labs. “We continue to see more complex and sophisticated threats, where traditional blocking and prevention mechanisms, such as antivirus, are no longer enough to keep endpoints safe. Beyond merely relying on baseline anti-malware solutions to protect endpoints, companies should strengthen their endpoint security architecture to get ahead of adversaries, such as blocking off attempts to get around existing security tools.”

 
