Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

Your Morning Security Spotlight

Published 11/21/2017

Your Morning Security Spotlight

By Jacob Serpa, Product Marketing Manager, Bitglass

The top cybersecurity stories of the week revolved around malware and breaches. Infections and data theft remain very threatening realities for the enterprise.

400 Million Malware Infections in Q3 of 2017

In the last few months, malware has successfully infected hundred of millions of devices around the world. As time passes, threats will continue to become more sophisticated, effective, and global in reach. To defend themselves, organizations must remain informed about current malware trends.

Fileless Attacks Are on the Rise It is estimated that 35 percent of all cyberattacks in 2018 will be fileless. This kind of attack occurs when users click on unsafe URLs that run malicious scripts through Flash, for example. Rather than rely solely on security measure that only monitor for threatening files, the enterprise should adopt solutions that can defend against zero-footprint threats. Terdot Malware Demonstrates the Future of Threats The Terdot malware, which can surveil emails and alter social media posts in order to propagate, is serving as an example of the evolution of malware. More and more, threats will include reconnaissance capabilities and increasing sophistication. Hackers are looking to refine their methods and contaminate as many devices as possible. Spoofed Black Friday Apps Steal Information and Spread Malware In their rush to buy discounted products, many individuals are downloading malicious applications that masquerade as large retailers offering Black Friday specials. As information is stolen from affected devices and malware makes its way to more endpoints, businesses that support bring your own device (BYOD) must be mindful of how they secure data and defend against threats. What to Do in the Event of a Breach ITPro posted an article on how organizations should respond when their public cloud instances are breached. Rather than assume that cloud app vendors perfectly address all security concerns, organizations must understand the shared responsibility model of cloud security. While vendors are responsible for securing infrastructure and cloud apps themselves, it is up to the enterprise to secure data as it is accessed and moved to devices. As such, remediation strategies vary depending on how breaches occur (compromised credentials versus underlying infrastructure being attacked). Clearly, the top stories from the week were concerned with what can go wrong when using the cloud. To combat these threats, organizations must first understand them. From there, they can adopt the appropriate security solutions. To take the first step and learn more about threats in the cloud, download this report.

Share this content on your favorite social network today!