Security Vulnerabilities: A Closer look at a Cyber Criminal’s Window to your System

You may be hearing more and more in the news about newly discovered security vulnerabilities and wondering what exactly that implies. Simply put, a vulnerability represents the ideal opportunity for cyber criminals to infiltrate your system to compromise your data or to perform data theft.

Current data suggests that these vulnerabilities will keep appearing more often: 2017 was a record-breaking year for reported exploitable vulnerabilities, with almost 20,000 security flaws reported over the year. For 2018, the data is still being tallied; however, a report from Risk Based Security has already noted that more than 10,000 vulnerabilities have been reported, including 3,000 potential flaws that enterprises have failed to patch.

To better understand vulnerabilities, our friends from Trend Micro have sorted them into the following types:

Traditional vulnerability – is a programming error or other type of software issue that hackers can use to sidestep password protection or security measures and gain unauthorized access to legitimate systems. These are the most rampant types of security vulnerabilities.

Zero-days – are brand new software issues that have only just been identified and have not yet been patched by vendors.  As Trend Micro explained, “that’s because the vendor essentially has zero days to fix the issue or has chosen not to fix it.”

Undisclosed vulnerability – these are flaws that have been identified and reported, but are not yet disclosed to public users, giving vendors time to patch the issue.

So, what can you do to help address these vulnerabilities?

To help keep your enterprise safe from these vulnerabilities, Trend Micro suggests that you pay attention to current security research so that you can apply its findings to your business. You should also keep your systems up to date with updates and patches. However, given the number of vendors and patches, the volume can sometimes be too much for your IT team to patch immediately. Trend Micro suggests the following patch prioritization scheme to help ease the load on your IT team:

  • The severity of the patched issue. Microsoft and other vendors will rate vulnerabilities according to how critical they are to overall risk. More critical patches should be applied as soon as possible, whereas less critical updates can represent a lower priority.
  • Vulnerabilities impacting your enterprise’s particular key software. Similarly, updates for software systems that are used on a daily basis within the enterprise and provide essential functionality should be prioritized over other updates. A patch for a software that is only intermittently used, or only impacts a small number of users in a single department of the company, for instance, can be put on the back burner.
  • Those currently being exploited. It’s important to prioritize patches for vulnerabilities that hackers are currently using to mount attacks.
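
The three criteria above can pull in different directions, so a patch queue needs an explicit tie-break policy. The following is an added example, not from Trend Micro or the original article; the severity ranks, tier rules, ordering and patch names are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Assumed mapping of vendor severity labels to ranks (not from the article).
SEVERITY_RANK = {"low": 0, "moderate": 1, "important": 2, "critical": 3}
TOP_RANK = max(SEVERITY_RANK.values())

@dataclass(frozen=True)
class Patch:
    name: str            # hypothetical identifier
    severity: str        # vendor rating label
    key_software: bool   # daily-use software providing essential functionality
    exploited: bool      # currently being used in attacks

def severity_rank(p):
    # An unrecognized label ranks highest so a typo never hides a patch.
    return SEVERITY_RANK.get(p.severity.strip().lower(), TOP_RANK)

def tier(p):
    # Assumed policy: 1 = patch now, 2 = next window, 3 = back burner.
    rank = severity_rank(p)
    if p.exploited or (rank == TOP_RANK and p.key_software):
        return 1
    if rank >= SEVERITY_RANK["important"] or p.key_software:
        return 2
    return 3

def patch_queue(patches):
    # Within a tier: exploited first, then severity, then key software.
    return sorted(patches, key=lambda p: (tier(p), not p.exploited,
                                          -severity_rank(p),
                                          not p.key_software, p.name))

# Constructed backlog; names and ratings are invented for illustration.
BACKLOG = [
    Patch("font-viewer", "Low", False, False),
    Patch("hr-plugin", "Critical", False, False),
    Patch("legacy-report-tool", "Low", False, True),
    Patch("mail-client", "Moderate", True, False),
    Patch("erp-module", "Sev-A", True, False),   # unrecognized label
    Patch("browser-update", "Critical", True, False),
]

if __name__ == "__main__":
    for p in patch_queue(BACKLOG):
        print(tier(p), p.name)
```

Note that the low-severity but actively exploited patch lands ahead of the critical patch for rarely used software, which is the conflict the policy has to settle.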

To learn more, you may visit the original Trend Micro article here, visit our product page here, or you can also contact us directly at 893-9515 and we will be happy to answer your inquiries!

Cryptocurrency Malware CoinHive becomes the 6th most common Malware

CoinHive is the cryptocurrency miner that made the news in September, when it was discovered that the EITest campaign was using it to trick victims into paying for their services or handing out financial data via tech support scams. Now, a new report from coindesk.com reveals that the malware is becoming more widespread, reaching 6th place on the list of most common malware in the world.

CoinHive works by providing website owners and operators with JavaScript code that they can embed into their site. This code covertly uses the website visitor's processing power to mine the Monero cryptocurrency. Both sides benefit: CoinHive keeps a portion of the mined amount, while the website owner keeps the rest. Unfortunately, website visitors won't know that their processor is being used. While Coinhive itself is a legitimate company, its rather dubious method of operation often lends itself to abuse by malicious threat actors.

While cryptomining malware is still not as well known as other malware like ransomware, the report from Coindesk is alarming because it shows that this threat is growing fast. Cryptocurrency mining is stealthy and non-intrusive, attributes that might be helping its rapid growth. The decreased performance and latency caused by the cryptocurrency malware are annoying, but it can be hard to pinpoint the malware as the cause. Also, with multiple infected systems, the attacker essentially gains more and more personal miners without the computer owners' knowledge.

Defending against CoinHive

Users who want to prevent CoinHive from using their resources may do the following:

  • Block JavaScript-based applications from running on their browsers
  • Implement best practices to avoid socially engineered schemes such as the EITest campaign
  • Regularly update and patch your software (especially your browsers)

Users should also look into effective security solutions such as Trend Micro™ Smart Protection Suites and Worry-Free™ Business Security, which protect end users and businesses from threats by detecting and blocking malicious files and all related URLs. Trend Micro™ Smart Protection Suites deliver several capabilities, such as high-fidelity machine learning, web reputation services, behavior monitoring and application control, that minimize the impact of these cryptocurrency miners and other threats.

Learn more about Trend from our Product page or contact us at 893-9515!