Co-authored by Zhi Xu and Matt Allen We are proud to share that Netskope Threat Protection has received the 2021 On-Demand Malware Detection certification from prestigious SE Labs for a third consecutive year. Specifically, Netskope performed 100% threat detection on both known malware samples and unknown malware samples during tests conducted in December 2021, with a 0% false-positive rate.

The Elastic Security team identified a noteworthy cluster of malicious activity after reviewing our threat prevention telemetry. A valid code signing certificate is used to sign malware to help the attackers remain under the radar of the security community. We also discovered a novel malware loader used in the campaign, which we’ve named BLISTER. The majority of the malware samples observed have very low, or no, detections in VirusTotal.

The success of a modern business is heavily reliant on the network of which its computers and employees operate. With many risks looming online, a secured operating system and network are critical for most businesses to perform to their full ability. One of the most prolific threats to modern business is ransomware.

Ransomware is on the rise and shows no signs of slowing. In the past year alone, major ransomware attacks have hit just about every major industry, including health care, physical infrastructure, digital infrastructure, and food. It’s no longer a matter of if, but when an organization will be attacked, which is why most companies now spend considerable resources to defend against ransomware attacks.

Ransomware attackers today have the technical skill and tools to analyze a target’s defenses and like a band of guerilla operatives attacking a more power adversary, the attackers avoid the teeth of the defense and hit their victim at its weakest point. All while layering in new tactics to force their victims to pay a ransom. To be prepared for this threat, an organization must have a plan in place to deal with the myriad of new tricks ransomware attackers have developed over the last few years.

While many organizations are patching the two recent Apache Log4j vulnerabilities (CVE-2021-44228 and CVE-2021-45046), attackers have been racing to exploit them to deliver malware, such as botnets, backdoors, and cryptominers. Among the threats delivered using Log4Shell exploits, a new ransomware family was found by Bitdefender: Khonsari.

CrowdStrike Falcon Pro™ has won another Approved Business Security Product award from AV-Comparatives, the second in 2021, scoring the highest 99.9% protection rate in the AV-Comparatives Real-World Protection Test. AV-Comparatives is a leading independent third-party testing organization that tests the efficacy of endpoint security solutions to offer insight into how endpoint security solutions detect and protect against real-world threats.

In September 2021, Tripwire released its annual report to examine the actions taken by the U.S. federal government to improve cybersecurity. The report also looks at non-government organizations so that we may catch a glimpse of the differing views and approaches of each, which makes for interesting (and revealing) insights.

According to IBM’s Cost of a Data Breach Report 2021, the global average cost of a data breach is estimated to be $4.24 million. Cyberattacks cost organizations time and money, not only in the form of data loss but also through irreversible damage to their reputations, leading to the loss of customers. After security breaches, customer loyalty is almost impossible to regain.