Cisco a leader is Networking Software and equipment. The company released Annual Security Report for year 2016 and show some astonishing facts about how cyber threats are evolving and how Cybercriminals have refined their back-end infrastructures to carry out attacks in ways that increase efficiency and profits.
New threat intelligence and trend analysis in the Cisco 2016 Annual Security Report explains advances by the security industry and by criminals. Gain insights into how to effectively combat these threats with increased collaboration, communication, and coordination, and by investing for resilience. You’ll also learn how your security peers assess the state of security preparedness in their organizations.
Report highlights include:
- How industry efforts have crippled major attacks
- Shifts in tactics by cybercriminals to make money
- Expert insights into top vulnerabilities
- How adaptive, integrated solutions can quicken time to detection
- An update about the state of enterprise security preparedness
Beware Browser Extensions:
Cisco found out that Rouge browser extensions getting pretty popular are a major source of data leakage for business organisations. Cisco estimates that more than 85 percent of
organizations studied are affected by malicious browser extensions.
Angler Exploit Kit:
The Angler exploit kit is one of the largest and most effective exploit kits on the market and is notoriously linked to several ransonware campaigns resulting in losses to individuals and companies. Angler operator has found unique way to avoid being detected. Some operators of the exploit kit were using an inordinate percentage of worldwide proxy servers. Angler alone milked over 34 million USD with a success rate of 2.9% for every ransom ware attack.
This was one of the largest distributed denial of service (DDoS) botnets ever observed by Cisco researchers. It was however significantly weakened by the combined efforts of Cisco and Level 3 Threat Research Labs. SSHPsychos is operational in two countries: China and the United States and uses brute force attacks to target networks.
Wordpress although most popular CMS is also more vulnerable platform as Bad actors are making use of compromised websites created by the popular web development platform WordPress for their criminal activities. There they can marshal server resources and evade detection. Creators of some ransomware variants as well as developers of other exploits are now shifting traffic to
hacked WordPress websites as a way to avoid detection and use server space
Adobe Flash leads vulnerabilities list:
Abobe leads the packs when it comes of vulnerable platforms being used to attack. Apple has already disabled Flash while others are following the suit.
Malware attacks Industry wise:
Cisco report suggests that these attacks are time specific when targeting any industry. For example from January to March 2015, government was the vertical with the highest block rate activity. From March to May, it was electronics. In midsummer, professional services saw the most blocks. And in the fall of 2015, healthcare was leading all verticals in the number of block rates.
For a complete insignt, you can download the report here: