67 Percent of Shellshock Signatures Tied to Known Malicious Sources; Top ISPs Continue to Be Used as Malware Hosts
OMAHA, NE--(Marketwired - Oct 30, 2014) - Solutionary, an NTT Group security company (
This quarter's report reveals that more than 75 percent of organizations the Solutionary SERT Incident Response Team assisted had neither an incident response team nor policies or procedures in place to effectively address a cyberincident. The Solutionary SERT also tracked the Shellshock disclosure closely and found that 67 percent of the Shellshock signatures were tied to known malicious actors as soon as 24 hours after the vulnerability was disclosed. In addition, as follow-on research to information collected in Q4'13 and Q2'14, the report highlights the top-ten ISPs hosting malware. GoDaddy-hosted sites had a massive resurgence from two percent to 44 percent, reclaiming the number one spot from Amazon Web Services (AWS). Conversely, AWS's fall from 41 percent of hosted malware to 17 percent in Q3 reflects the dramatic and consistent fluctuation in hosting providers being used as attack vectors.
"Organizations have been inundated with a constant flow of news about data breaches, so the frequency and magnitude of successful attacks actually comes as little surprise. The findings in the Q3 Threat Report highlight not only the challenges security teams are facing but also how little is being done to prepare businesses for these incidents," said Rob Kraus, SERT director of research, Solutionary. "Nearly three quarters of our team's incident response engagements showed minimal, even zero, preparation by IT teams when it came to identifying and remediating security events."
Other Key Topics Include:
Malware Distribution Analysis Updates
Threat Research Focus: Anatomy of a Web-Based Botnet
Attacks on UDP Port 40000
Spear Phishing with VistaTeam
Readers will find several sections in the report that provide timely, actionable information they can use to help protect against today's most nefarious attack tactics and vectors.
To access a copy of the complete report, please visit:
http://www.solutionary.com/research/threat-reports/quarterly-threat-reports/sert-threat-intelligence-q3-2014/
Tweet This: .@Solutionary Q3 ThreatReport: #IncidentResponse Shows no Progress Despite High-Profile #Breaches & Vuln Disclosures http://goo.gl/eFJBk4
About Solutionary
Solutionary, an NTT Group security company (NYSE: NTT), is the next generation managed security services provider (MSSP), focused on delivering managed security services, security consulting services and global threat intelligence. Comprehensive Solutionary security monitoring and security device management services protect traditional and virtual IT infrastructures, cloud environments and mobile data. Solutionary clients are able to optimize current security programs, make informed security decisions, achieve regulatory compliance and reduce costs. The patented, cloud-based ActiveGuard® service platform uses multiple detection technologies and advanced analytics to protect against advanced threats. The Solutionary Security Engineering Research Team (SERT) researches the global threat landscape, providing actionable threat intelligence, enhanced threat detection and mitigating controls. Experienced, certified Solutionary security experts act as an extension of clients' internal teams, providing industry-leading client service to global enterprise and mid-market clients in a wide range of industries, including financial services, healthcare, retail and government. Services are delivered 24/7 through multiple state-of-the-art Security Operations Centers (SOCs).
Contact Information:
Travis Anderson
925-271-8227