Zero-day attacks are no longer limited to hacker groups and companies; governments have been exploring the use of offensive zero-day capabilities. In fact, state actors, including the U.S., are some of the biggest customers for new zero-day attacks. Recently, the Israel Ministry of Defense expressed interest in advanced vulnerabilities and zero-day exploits R&D for use by its law-enforcement and security agencies, and other countries are almost certainly seeking similar capabilities.
Our relationships with our Metadefender Core and Metadefender Cloud engine providers are extremely important to us. In order to maintain a strong relationship, we wanted to emphasize that our multi-scanning technology has different licensing options for Non-Security Application Developers compared to IT Admins. There are no third-party licensing restrictions to use our 90 data sanitization engines, also known as Content Disarm and Reconstruction (CDR), and Vulnerability Engine. Anti-malware engine availability differs in our multi-scanning packages depending on the intended use case:
Recently, McAfee Labs published a report describing advancements in macro-based malware that uses new techniques to evade detection. This malware avoids many of the markers that anti-malware products look for to detect malicious macros. One of these common markers are macros that launch on the document’s AutoOpen() or DocumentOpen() events. These macros also do some sophisticated checks to determine whether they are likely being executed inside of a sandboxed environment. If there is anything in the environment that suggests the file is being accessed inside of a sandbox, the malware does nothing in an attempt to evade detection.
OPSWAT is excited to announce that our powerful data sanitization technology is now available in our next generation Metadefender Core product. In Metadefender Core v4.5.0, administrators will have access to the following in all workflows:
A new ransomware called PowerWare was recently identified by researchers at Carbon Black. This threat is spreading through phishing emails containing Microsoft Word documents embedded with malicious macros. We have seen a few examples of this threat uploaded to our public Metadefender.com site, where users can scan files, hashes and IP addresses for threats.
We will be hosting two Cyber Security Seminars in Japan and South Korea this month. Both of these events offer a great opportunity to learn about our industry-leading security solutions and to network with OPSWAT, our technology partners, and industry peers. We will be covering a variety of trending security topics including ransomware, email security, data sanitization, and more.
It was recently reported that Hollywood Presbyterian Medical Center paid a ransom to hackers to regain control of their computer systems. Although the amount of the ransom, $17,000, was not extraordinarily high for a hospital to cover, it does illustrate the risks that medical organizations face, and the potentially high costs of not adequately protecting themselves from those risks. This type of attack is often launched via a weaponized email attachment that is opened by an individual, and subsequently infects the network. This illustrates the need to properly scan all incoming files for threats before they are allowed into a secure network.
With the increasing volume of new malware, there is a growing challenge to prevent both known and unknown threats. Single solutions are not sufficient for protecting against the current malware landscape. Fortunately, there are technologies that when used in combination, can provide more comprehensive protection from threats.
Every organization has data flowing into and out of the organization. Along with any data comes the risk of malware. To protect against threats, most organizations implement anti-malware solutions at different entry points, such as email, web, and portable media. However instead of tackling each entry point as a separate anti-malware project, organizations should treat secure data workflow as a complete process that addresses data cyber security in the company as a whole. By combining the different elements into one process, organizations obtain a complete overview, decreasing the chance of overlooking things and allowing them to benefit from synergies and increase efficiency.
Watch Szilard Stange's data sanitization presentation from NIAS 2015 to learn about the changes across the threat landscape, the rise of malware exploits, and how data sanitization technology can repair infected files.