Page 5 - Threat Intelligence 12-20-2019
Security News
Malware variety grows by 13.7% in 2019 due to web skimmers. Kaspersky’s web antivirus solution has
identified a 13.7% rise in unique malicious objects compared to last year, with a total of 24.6 million being
found. The growth has been attributed to a staggering 187% rise in web skimmer files, while other threats
such as back doors and banking Trojans also grew. However, the presence of malicious cryptocurrency miners
has fallen by 50%, most likely due to the lack of interest in cryptocurrencies over the year. Around 85% of web
threats were detected as malicious URLs, which now find themselves on Kaspersky’s blacklist. “The volume of
online attacks has been growing for years, but in 2019 we saw a clear shift from certain types of attacks that
are becoming ineffective to the ones focused on gaining clear profit from users,” said Vyacheslav Zakorzhevsky,
head of anti-malware research at Kaspersky. “This is partly due to users becoming more aware of the threats
and how to avoid them, and organisations steadily becoming more responsible.”
Source: https://finance.yahoo.com/news/malware-variety-grows-13-7-170040214.html
As malware and network attacks increase in 2019, zero day malware accounts for 50% of detections. Amid
significant increases in both malware and network attacks, multiple Apache Struts vulnerabilities – including
one used in the devastating Equifax data breach – appeared for the first time on WatchGuard’s list of most
popular network attacks in Q3 2019. The report also highlights a major rise in zero day malware detections
and increasing use of Microsoft Office exploits and legitimate penetration testing tools. The massive fallout
from the Equifax breach put the severity of this vulnerability on full display and should serve as a reminder of
how important it is for web admins to patch known flaws as soon as possible. Two malware variants affecting
Microsoft Office products made WatchGuard’s top ten list of malware by volume, as well as the top ten
most-widespread malware list last quarter. This indicates that threat actors are doubling down on both the
frequency with which they leverage Office-based attacks, as well as the number of victims they’re targeting.
Both attacks were primarily delivered via email, which highlights why organizations should increasingly focus
on user training and education to help them identify phishing attempts and other attacks leveraging malicious
attachments.
Source: https://www.helpnetsecurity.com/2019/12/13/network-attacks-2019/
VISA warns of POS malware incidents at gas pumps across North America. Payments processor VISA says
North American merchants who operate gas stations and gas pumps are facing a rash of attacks from
cybercrime groups wanting to deploy point-of-sale (POS) malware on their networks. In two security alerts
published in November and December, respectively, VISA said its security team investigated at least five
incidents of the sort. The payments processor said cybercrime groups carried out attacks with the main
purpose of gaining access to fuel dispenser merchants' networks, where they installed POS malware.
Source: https://www.zdnet.com/article/visa-warns-of-pos-malware-incidents-at-gas-pumps-across-north-america/
www.accumepartners.com