Security News > 2023 > July > 20% of malware attacks bypass antivirus protection

Many still lack the necessary tools to investigate the security and organizational impact of these infections and effectively mitigate follow-on attacks - with 98% indicating better visibility into at-risk applications would significantly improve their security posture.

Seemingly innocuous actions like these can inadvertently expose organizations to malware and follow-on attacks including ransomware stemming from the stolen access details.

The survey revealed many are struggling with routine responses to malware infections: 27% don't routinely review their application logs for signs of compromise, 36% don't reset passwords for potentially exposed applications, and 39% don't terminate session cookies at the sign of exposure.

Attacker dwell time has been growing according to recent research, providing malicious actors ample time to operationalize data exfiltrated by malware.

"Breaking bad habits requires time and resources most organizations can't afford and have a hard time finding in the first place. To reduce the risk created by unauthorized account access, infected devices and human error, they need a new approach for detecting and remediating malware. For many security teams, responding to infections is a machine-centric process that involves isolating and clearing the malware from the device. However, an identity-centric approach is more thorough as the ultimate goal is to better address the growing attack surface tied to an individual user that puts the business at risk," Hilligoss explained.

In the first half of 2023, researchers found that 20% of all recaptured malware logs had an antivirus program installed at the time of successful malware execution.

News URL

https://www.helpnetsecurity.com/2023/07/13/malware-infections-responses/