Endpoint

4/27/2018
03:00 PM
Dark Reading
Products and Releases

Endpoints Still Vulnerable to Breaches Despite Antivirus Tech Advancements: Survey

Petach Tikva, Israel – April 25, 2018 – Minerva Labs, a leading provider of anti-evasion technology for enterprise endpoints, today announced the results of a survey of 600 IT security professionals, which found that endpoint security solutions are failing to provide adequate protection against today’s security threats, specifically malware. A majority of the respondents surveyed indicated a heightened concern about a major malware breach in the coming year and acknowledged that they require more than an antivirus (AV) solution on the endpoint to combat the rising threat.

After a year of massive ransomware outbreaks, NSA state-grade exploit leaks, and an extraordinary number of cybersecurity meltdowns, defenders are not getting ahead despite the continued innovation in endpoint security technologies. The uptick in attacks demonstrates that attackers are not standing still, and evasion methods are becoming increasingly accessible. In fact, nearly half of the respondents surveyed (48%) said that they have seen about the same number of malware infections as in previous years, while almost one-third (32%) claim to have seen an increase in malware infections. This corresponds with the extent to which respondents feel their current endpoint defenses are protecting them against modern malware threats: three-quarters of respondents deemed their existing anti-malware solutions able to prevent no more than 70% of infections.

These findings demonstrate that today’s endpoint solutions cannot address sophisticated malware, specifically those threats that use evasion techniques.

According to the Minerva Labs survey, the malware evasion techniques that posed the biggest concern are avoidance of malware analysis and forensic tools (32%) followed by fileless or memory injection attacks (24%).

Attacks that use malicious documents also raised concerns (24%). Two-thirds of respondents (67%) were concerned that existing controls won't prevent a significant malware attack on the endpoints. Furthermore, the survey found that over half of the respondents (53%) preferred adding a meaningful layer to their endpoint security stack instead of completely replacing their existing AV.

Nearly 39% of IT leaders said that, besides security benefits, the operational aspect they find most important when adding a security layer on the endpoint is its ability to work even on low-resource systems. Another 28% said easy deployment and upgrades across multiple endpoints were important, while 18% valued the ability to not interfere with current business applications.

With the increase in ransomware and other malware threats, the time it takes to remediate these attacks is crucial to enterprises today. The good news is that 41% of respondents said that a compromised endpoint is restored to a normal state within hours. However, there is still room for major improvement, as more than 40% said it takes days or weeks to return to a normal state.

“The results from our survey indicate that while malware threats are still growing, endpoints remain highly vulnerable to a cyber-attack,” said Eddy Bobritsky, Co-Founder & CEO of Minerva Labs. “We continue to see more complex and sophisticated threats, where traditional blocking and prevention mechanisms, such as antivirus, are no longer enough to keep endpoints safe. Beyond merely relying on baseline anti-malware solutions to protect endpoints, companies should strengthen their endpoint security architecture to get ahead of adversaries, such as blocking off attempts to get around existing security tools.”
