Symantec Security Response – Latest Intelligence
Symantec Security Response – Latest Intelligence
for December 2016
Latest Intelligence
for December 2016
The number of web attacks blocked per day were up by almost 100,000, and Symantec helps law enforcement crack down on cybercrime
Some of the key takeaways from December’s Latest Intelligence, and the threat landscape in general, include an increase in the number of web attacks blocked by Symantec, the return of a particularly nasty disk-wiping threat, and how Symantec played a vital role in two law enforcement operations.
Web attacks
Last month, the number of web attacks blocked by Symantec per day increased to 388,000, up from 291,000 the previous month.
Figure 1. The number of web attacks blocked increased in December to 388,000 per day.
There was no change in the exploit kit top-three rankings for December. RIG retained the number one spot for the fourth month in a row with 34.8 percent of all exploit kit activity. Fiesta’s activity rose slightly to 4.2 percent, holding the kit at its number two spot. And although Magnitude also increased its activity from the previous month (up from 2.6 to 3.2 percent) it still placed third after being knocked from second place by Fiesta in November.
Malware
The number of new malware variants seen in December dropped to 19.5 million (down from 71.2 million in November). This is the lowest level seen since last July. The drop might be the result of a decline in activity surrounding the Kotver (Trojan.Kotver) family of threats, which saw significant activity from August to November last year.
Spam
The global spam rate declined slightly in December to 54.2 percent, down 0.1 percentage points from November. Organisations with 1,001-1,500 employees had the highest spam rate in December and the construction sector was the industry with the highest spam rate, increasing 2.1 percentage points to 63.3 percent.
Phishing
Phishing continues to be a major threat to organisations, as highlighted last month when the LA County Chief Executive Office issued a public notice revealing that 756,000 Californians would be receiving breach notification letters because 108 LA County employees fell for a phishing email scam earlier in the year.
Mobile
The month also saw researchers discover at least 28 low-cost Android phone models that included built-in software that downloads adware and potentially unwanted apps. The downloader software (Android.Malapp) was found in the firmware of phone models manufactured by several brands. In some instances, the software could also make phone calls, display advertisements, and opens links in the phone’s browser.
ends