Lastline’s Q4 2017 Malscape Monitor Report delivers previously unavailable trends and actionable insights into malicious behaviors and how threats unfold.
The MIME types used to deliver malware varies across the three regions analyzed
Reflecting the objects analyzed in the last quarter of 2017, the report found:
Enterprises use over a 100 different file types every day to do business, with malware prevalent in over 40 different MIME types. Security systems must be equally good at analyzing and detecting malicious intent across a wide range of file types.
One in every 500 objects that Lastline analyzed after they were released by existing security controls was malicious. Consider the volume of emails your organization receives and web pages that employees view to estimate the possible volume of malware that’s entering your network.
Can you detect a malicious file for which a signature doesn’t exist? Two out of every three malicious files that Lastline analyzed were not submitted to VirusTotal. Your company will be the first one to receive that particular file. Can you detect it?
One in 12 malware encounters exhibited four distinct advanced persistent capabilities (evasion, packing, steal, stealth) that escalates the risk of data theft. Can you distinguish between low- and high-risk threats so you can prioritize your response and remediation efforts?
Ninety percent of detections didn’t reveal when credentials have been stolen. If your security system is simply informing you that it has detected something generically malicious and it recommends reimaging the impacted system, how are you protecting against criminals using stolen credentials to access systems at a later date?