Reported by SecurityIntelligence.com on 14 Aug 2017, “Malware is a major cause of cyberattacks today, with fraudsters using targeted spear phishing emails and social engineering to distribute malicious files to unsuspecting employees at various organizations. To make matters worse, malware has evolved to avoid detection by traditional security tools and systems.

Take the CozyDuke malware campaign as an example. Attackers used spear phishing to distribute Flash videos that installed the CozyDuke executable when played on a victim’s computer. Due to the viral nature of the content, these videos got passed around between colleagues and helped spread the malware rapidly.

Given the sophistication of such malware, security analysts need to identify infected endpoints by investigating indicators and incidents that are flagged by security information and event management (SIEM) systems that monitor activity and suspicious behavior on the network. Analysts are often overwhelmed with the amount of data they need to consume to accurately investigate whether these incidents are truly malicious and, if so, determine the necessary remediation actions.”

For full article please see here: SecurityIntelligence.com. Featured image from same website.



Leave a Reply