The researchers reveal the most common in the report domains, used by attackers to host maliciously programs and realize attacks and subdomains of legitimate sites and content delivery networks (CDNs) such as CloudFlare.net, SharePoint and Amazonaws.com.
“This Internet Security Report shows the methods used by hackers to install malware or send phishing emails to networks, hiding them in legitimate content hosting domains ”, said WatchGuard Technologies.
There are many ways to deal with these attacks, such as authentication, the use of antivirus programs, DNS-level filtering, threat training, and so on.
Of course, no method of protection is sufficient to deal with all threats. A multi-level approach is needed to get the most protection possible.
The WatchGuard report analyzes the threats to cyberspace, while proposing various practices to help businesses protect their customer data.
The key findings of the WatchGuard Technologies report are:
- Phishing and malware attacks exploit legitimate domains. Many of them are legal CDN subdomainssuch as Amazon's CloudFront.net and legally sites file sharing such as [.] Mixtape [.] Moe. Hackers often use this method of attack. WatchGuard has been able to show exactly which domains are used in these attacks.
- The Kali Linux is listed as the most common malware. Two features of the popular penetration testing tool, Kali Linux, appear in the list of the most common malware, according to WatchGuard. The two functions are Trojan.GenericKD, which creates a backdoor on a command-and-control server, and Backdoor.Small.DT, a web shell script that also creates backdoors on the web servers.
- It was remarkable increased malware attacks compared to previous years. WatchGuard's malware detection services detected more malware software in the 2 quarter of 2019 compared to the corresponding quarter of 2018.
- Office phishing and phishing attacks are among the ten most common threats. Already in the last quarter of 2018 there has been a significant increase. Users should regularly update Office and use practices that protect them from Phishing attacks.
- Η SQL injection is the most common technique of attacking networks. During the 2 quarter of 2019, 34% of the attacks used this technique. Compared to 2 2018 quarter, 29.000% increase. Anyone with an SQL database should update their systems immediately and invest in one firewall.
- Hackers are mainly targeted users located in Europe or Asia. During the 2 2019 quarter, 37% of malware attacks occurred in the United Kingdom, Italy, Germany and Mauritius. 36% of the attacks targeted areas of Asia.
In the full report you can find more information about the most dangerous and often malicious software and attacks that occurred during the 2 2019 quarter. In addition, there are many tips on protection organizations and businesses.