The problem of file-borne malware is a severe one, and it is only growing in scope. More threat actors than ever are concealing malicious code, malicious macros, unsecure hyperlinks, and other malicious content within common files. This paper examines the ways attackers use files to deliver malware, the reasons these methods are effective, and the steps organizations should take to block these kinds of attacks.
Although file uploads are necessary for productivity and for certain websites and web applications to perform their functions, they also offer an attack vector to cyber criminals. By concealing advanced threats that exploit web server vulnerabilities within common file types, attackers can compromise a server or a system. This paper will describe the best ways to prevent malicious file uploads while still allowing legitimate file uploads.
The argument to use multiple anti-malware engines is simple: there is no single anti-malware engine that is consistently the most effective at detecting malware. Learn how to address several security issues that many organizations face including determining how much malware is out there, finding a way to protect against anti-malware engine detection evasion, the perceived advantages and disadvantages of multi-scanning, and how to use technologies such as data sanitization to help prevent threats.
All organizations handle many types of files entering from a variety of digital communication channels, and mitigating the risk of threats while maintaining productivity can be difficult. Utilizing a file quarantine can help administrators with these challenges; learn the top three questions you should be asking about your quarantine process.
After a slew of data breaches in 2014, the FBI warned the healthcare industry that cyber-criminals would be directing more attention their way in 2015. The healthcare industry has become an increasingly attractive target for cyber attacks. What is it about the healthcare industry that has captured the cyber criminals' interest in the last few years, and what can you do to protect your organization?
Compressed and extractable files are a part of our digital landscape. Both at work and at home, most of us see these files on a weekly basis, if not more frequently. They allow us to efficiently transmit large files, improving data flow within government agencies, private organizations, and even family groups. Extractable files are also, unfortunately, an incredibly efficient means for transmitting malware; how can you ensure these threats are not missed by your security solution?
Since most critical infrastructure facilities are isolated from external networks, administrators rely heavily on portable media to transport files to and from secure areas, making them attractive attack vectors for malware-writers, as a means into a secure facility. While some organizations have gone to extreme measures, such as banning peripheral devices, these solutions can limit productivity. Read about how you can achieve a balance between security and productivity.
With an ever-changing threat landscape, certain software applications have become difficult to detect and define as potential threats by anti-malware technologies. This type of application is commonly known as a potentially unwanted program (PUP) or a potentially unwanted application (PUA). These applications can open users to vulnerabilities and risk; learn how to recognize these types of applications to protect against the potential risks.
Cisco, Microsoft and the Trusted Computing Group are battling to control the keys to locking untrusted endpoints out of networks. Systems should grant access to the network based on factors such as anti-malware protection level, personal firewall assessment, host and user authentication, location, and even time of day.