McAfee Labs Threat Report


McAfee Labs Threat Report, December 2017

THREATS STATISTICS: Malware, Incidents, Web and Network Threats

Introduction

Welcome to the McAfee Labs Threats Report. In this edition, we highlight the statistics gathered by McAfee Labs in Q3 of 2017.

The biggest number of the quarter is our count of new malware, which reached an all-time high of 57.6 million new samples, an increase of 1% from Q2. The total count in the McAfee Labs sample database is now more than 78 million. New ransomware rose by 36% this quarter, largely from widespread Android screen-locking malware. The easy availability of exploit kits and dark web sources fuels the rapid creation of new malware.

Some of the biggest malware stories that McAfee covered in Q3 include the data breach at the Equifax credit reporting company; another data breach, through a misconfigured AWS server, at a Verizon customer support supplier; and a remote code execution vulnerability in Apache Struts, a popular component of many websites across the world.

Every quarter, the McAfee Global Threat Intelligence cloud dashboard allows us to see and analyze real-world attack patterns that lead to better customer protection. This information provides insight into attack volumes that our customers experience. See Page 9 for Q3 results.

Raj Samani, Chief Scientist and McAfee Fellow, Advanced Threat Research Team

Stay Informed

Our Q3 report demonstrates an escalation in threats, not only in these stories and other reports but also in our statistics, which show increases across multiple categories. Staying informed of emerging threats and the tactics employed by malicious actors is essential. McAfee Labs is committed to helping our customers keep up to date. For more information on threats, follow us @McAfee_Labs.

This report was researched and written by: Niamh Minihane, Francisca Moreno, Eric Peterson, Raj Samani, Craig Schmugar, Dan Sommer, Bing Sun

Threats Statistics: Malware; Incidents; Web and Network Threats

Malware

[Charts: New malware; Total malware. 2015 to 2017.]

New malware increased by 1% in Q3, to a record high of 57.6 million samples.

[Charts: New mobile malware; Total mobile malware. 2015 to 2017.]

New mobile malware jumped by 6% in Q3, fueled by a big increase in Android screen-locking ransomware.

[Chart: Regional mobile malware infection rates (percentage of mobile customers reporting infections). Regions: Africa, Asia, Australia, Europe, North America, South America. Series: Q4 2016, Q1 2017, Q2 2017, Q3 2017.]

[Chart: Global mobile malware infection rates (percentage of mobile customers reporting infections). 2015 to 2017.]

[Charts: New Mac malware; Total Mac malware. 2015 to 2017.]

[Charts: New ransomware; Total ransomware. 2015 to 2017.]

New ransomware rose by 36% in Q3, boosted by a big increase in Android screen-locking threats.

[Charts: New malicious signed binaries; Total malicious signed binaries. 2015 to 2017.]

[Charts: New macro malware; Total macro malware. 2015 to 2017.]

[Charts: New Faceliker malware; Total Faceliker malware. 2015 to 2017.]

The Faceliker Trojan manipulates Facebook clicks to artificially like certain content. To learn more, read this post from McAfee Labs.

[Charts: New JavaScript malware; Total JavaScript malware. 2015 to 2017.]

JavaScript malware fell by 26% in Q3 from an all-time high in Q2. For more on JavaScript threats, see "The rise of script-based malware," in the McAfee Labs Threats Report, September 2017.

[Charts: New PowerShell malware; Total PowerShell malware. 2015 to 2017.]

PowerShell malware more than doubled in Q3 compared with Q2. For more on PowerShell threats, see "The rise of script-based malware," in the McAfee Labs Threats Report, September 2017.

Incidents

[Chart: Publicly disclosed security incidents by region (number of publicly disclosed incidents), Q1 2016 to Q3 2017. Regions: Africa, Asia, Multiple, Americas, Europe, Oceana.]

[Chart: Top 10 attack vectors in 2016-2017 (number of publicly disclosed incidents). Vectors: Unknown, Account hijacking, Leak, Malware, DDoS, Targeted, SQL injection, Defacement, W-2 scam, Vulnerability.]

McAfee Global Threat Intelligence

Every quarter, the McAfee Global Threat Intelligence cloud dashboard allows us to see and analyze real-world attack patterns that lead to better customer protection. This information provides insight into attack volumes that our customers experience. In Q3, our customers saw the following attack volumes:

McAfee GTI received on average 45 billion queries per day in Q3.

McAfee GTI protections against malicious files increased to 4 million per day in Q3 from 36 million in Q2.

[Chart: Top sectors targeted in North and South America (number of publicly disclosed incidents). Sectors: Health, Public Sector, Education, Finance, Retail, Technology, Entertainment, Hospitality, Online Services, Manufacturing.]

[Chart: Top 10 targeted sectors in 2016-2017 (number of publicly disclosed incidents). Sectors: Public, Health, People, Education, Finance, Online services, Multiple, Retail, Entertainment, Software development.]

[Chart legend: Q4 2016, Q1 2017, Q2 2017, Q3 2017.]

McAfee GTI protections against potentially unwanted programs (PUPs) show a decrease back to typical levels at 45 million per day in Q3 from an abnormal high of 77 million in Q2.

McAfee GTI protections against medium-risk URLs show an increase to 43 million per day in Q3 from 42 million in Q2.

McAfee GTI protections against high-risk URLs show an increase to 56 million per day in Q3 from 41 million in Q2.

McAfee GTI protections against risky IP addresses show a decrease to 48 million per day in Q3 from 58 million per day in Q2.

Web and Network Threats

[Chart: New suspect URLs. 2015 to 2017.]

[Chart: Spam botnet prevalence by volume in Q3. Botnets: Gamut, Necurs, Cutwail, Darkmailer, Lethic, Others.]

Gamut remains the most prevalent spamming botnet during Q3, with Necurs a close second. Necurs proliferated several Ykcol (Locky) ransomware campaigns with themes such as "Status Invoice," "Your Payment," and "Emailing: [Random Numbers].JPG" during the quarter.

[Charts: New spam URLs; New phishing URLs. 2015 to 2017.]

[Chart: Top malware connecting to control servers in Q3. Malware: Wapomi, Maazben, China Chopper, RedLeaves, Onion Duke, Muieblackcat, Ramnit, Others.]

[Chart: Top countries hosting botnet control servers in Q3. Countries: United States, Germany, China, Netherlands, France, Russia, Canada, Others.]

[Chart: Top network attacks in Q3. Categories: SMB, Browser, Denial of service, Brute force, Malware, DNS, Others.]

About McAfee

McAfee is one of the world's leading independent cybersecurity companies. Inspired by the power of working together, McAfee creates business and consumer solutions that make the world a safer place. By building solutions that work with other companies' products, McAfee helps businesses orchestrate cyber environments that are truly integrated, where protection, detection, and correction of threats happen simultaneously and collaboratively. By protecting consumers across all their devices, McAfee secures their digital lifestyle at home and away. By working with other security players, McAfee is leading the effort to unite against cybercriminals for the benefit of all.

About McAfee Labs

McAfee Labs is one of the world's leading sources for threat research, threat intelligence, and cybersecurity thought leadership. With data from millions of sensors across key threat vectors (file, web, message, and network), McAfee Labs delivers real-time threat intelligence, critical analysis, and expert thinking to improve protection and reduce risks.

www.mcafee.com/us/mcafee-labs.aspx

2821 Mission College Blvd. Santa Clara, CA 9554
888.847.8766
www.mcafee.com

The information in this document is provided only for educational purposes and for the convenience of McAfee customers. The information contained herein is subject to change without notice, and is provided "as is," without guarantee or warranty as to the accuracy or applicability of the information to any specific situation or circumstance. McAfee and the McAfee logo are trademarks or registered trademarks of McAfee, LLC or its subsidiaries in the United States and other countries. Other marks and brands may be claimed as the property of others. Copyright 2017 McAfee, LLC. 378_1117_rp-threats-dec-217. December 2017.