20% of malware attacks bypass antivirus protection
Many still lack the necessary tools to investigate the security and organizational impact of these infections and effectively mitigate follow-on attacks, with 98% indicating better visibility into at-risk applications would significantly improve their security posture.
Seemingly innocuous actions like these can inadvertently expose organizations to malware and to follow-on attacks, including ransomware, stemming from the stolen access details.
The survey revealed many are struggling with routine responses to malware infections: 27% don't routinely review their application logs for signs of compromise, 36% don't reset passwords for potentially exposed applications, and 39% don't terminate session cookies at the sign of exposure.
Attacker dwell time has been growing, according to recent research, providing malicious actors ample time to operationalize data exfiltrated by malware.
"Breaking bad habits requires time and resources most organizations can't afford and have a hard time finding in the first place. To reduce the risk created by unauthorized account access, infected devices and human error, they need a new approach for detecting and remediating malware. For many security teams, responding to infections is a machine-centric process that involves isolating and clearing the malware from the device. However, an identity-centric approach is more thorough as the ultimate goal is to better address the growing attack surface tied to an individual user that puts the business at risk," Hilligoss explained.
In the first half of 2023, researchers found that 20% of all recaptured malware logs had an antivirus program installed at the time of successful malware execution.
News URL
https://www.helpnetsecurity.com/2023/07/13/malware-infections-responses/