Week in review 15 August 2014
This week CSO covered the risk of Spear Phishing attacks and some ways to defend against such attacks. A large data breach affecting a food company was uncovered in the US; it looks like it may have been caused by Point of Sale software infected with malware. Google announced that Gmail will be subject to extra email filtering in an effort to reduce spam.
New research from Symantec indicates that most malware no longer stops running when installed on a virtual machine. Finally, Google announced more safety features for browsers. Phishing sites are on the rise compared to last year, and the risk is reaching a critical point, according to this article from CSO. What is extraordinary is that approximately 32.7 % of PCs globally are infected with some form of malware.
The article goes on to talk about various ways to defend against the threats, and how to recover if you have an infected machine. A large data breach looks to have occurred in the USA involving a sandwich chain called “Jimmy John’s”. Although the company is still investigating the extent of the breach, suspicion is falling on POS software used by the company. POS software can become infected with malware, leading to data breaches. Google announced extra features for its Gmail service.
These extra features are designed to block cleverly crafted spam email. Specifically, characters from other alphabets (such as Latin and Cyrillic) that look similar to English characters but are substituted for English characters may lead to an email being blocked. As the problem of spam grows, we at MailShark expect email filtering to become the norm. CSO reported on a new finding from Symantec concerning malware running on Virtual Machines (VM). It used to be the case that malware would detect it was running on a VM, and simply shutdown. Latest findings by Symantec show that only 18 percent of malware programs shutdown when run on a VM.
This does make it a little easier for researchers when analysing malware. Finally, Google made an announcement regarding their “Safe Browsing” service. Safe Browsing has the aim of alerting users to possibly malicious sites. Google refers to any software that makes changes to a PC without telling the user about the changes as “deceptive software”. One of the enhancements alerts users to sites that contain deceptive software.