Getting computer infections more often? You’re not alone!!

Pierluigi Paganini April 27, 2015

Computer malware infections are increasing dramatically; it is time to adopt a proper security posture to protect every single node of the global network.

Infections from malicious software (harmful code, also known as malware, which includes computer viruses and worms) are keeping repair specialists at vendors such as Kaspersky, Sophos, and Symantec busy, thanks in part to an exponential rise in the types of malware hitting PCs.

As malware rises, the U.S. remains the biggest source of attacks. Contrary to popular perception, a majority of the cyber-attacks on U.S. companies continue to originate from inside the country rather than outside it.

Recent news reports say that emails to and from President Barack Obama were read by Russian hackers last year in a breach of the White House‘s unclassified computer system. Doesn’t that make you feel that you are not alone? Even the U.S. president was caught.

Russian hackers who penetrated sensitive parts of the White House computer system last year read President Barack Obama’s unclassified e-mails.

“There is no evidence that the president’s e-mail account itself was hacked, but still, the fact that some of Mr. Obama’s communications were among those retrieved by hackers has been one of the most closely held findings of the inquiry.”

Although no classified networks had been compromised, officials conceded that the unclassified system still contains highly sensitive information such as e-mail exchanges with diplomats, exchanges about personnel moves and legislation, presidential schedules and discussion about policy.

Officials did not disclose the number of Obama’s e-mails that were read by the hackers or the sensitivity of their content, but this news sent a shock wave through all users: “Are we safe?”

For all the attention placed on state-sponsored actors and cyber criminal gangs in Russia, China and Eastern Europe, nearly a third of the IP addresses associated with malicious activity and 48 percent of malicious URLs are U.S.-based, a report from security vendor Webroot shows. The Webroot report is based on an analysis of information gathered by the company’s BrightCloud threat intelligence service. It showed that malware, and the infrastructure for hosting and distributing it, are growing dramatically fast.

On average, there are a staggering 12 million malicious IP addresses operating on the Internet on any given day, with approximately 85,000 new addresses being launched daily. While the IP addresses come from all over the world, over 30 percent of them are from the US, followed by China with 23 percent and Russia with 10 percent.

When Webroot looked at where malicious URLs are located, Russia and China were barely on the list, while the US topped it with France in a distant second place.

“The United States is the number one source of attacks, number one in terms of attack victims and number one in terms of attackers. One reason why so many malicious URLs are located in the US could simply be that malicious attackers know that URLs in high-risk countries are automatically blocked by geo-filtering services.”

“An example of such a service is an enterprise network that is configured to reject all connection attempts involving URLs from a high-risk country. This underscores the importance of having URL reputation data independent of classification, as filtering purely by IPs may not be enough to keep networks and users secure.”

Remember the days when security awareness programs only had to warn employees about website spoofing? Unfortunately, malware-attack methods have advanced to the point where even trusted, well-known websites can silently infect users via drive-by download attacks. The surge in spear-phishing as the top method used by malware attackers to gain unauthorized access to sensitive data has led to widespread implementation of end-user awareness programs.

To minimize malware risks it is essential that every employee within an organization understands that they are both an asset and a potential security liability. After instituting these programs, odds are high that most employees will know not to open the email attachment from the Nigerian lawyer who claims they are the beneficiary of a large fortune, or click on an email link purporting to be from their bank asking them to confirm their access credentials.

At this time of year, many of us like to surprise our family, friends, and colleagues with gifts that aren’t what they appear to be. A ring wrapped in the box your microwave came in. A sweater in a package weighted down with a few bricks. Or maybe a new suitcase that actually contains tickets for a trip. You get the picture – using deception for a pleasant surprise.

It strikes me that attackers like to ‘surprise’ their targets in much the same way – disguising threats as something they aren’t, but leading to a not so pleasant surprise. They may send emails that appear to be from a trusted source, but instead include a link to a website or a file attachment infected with malware. There are targeted attacks that combine sophisticated social engineering with elusive methods to gain a persistent foothold within the network and exfiltrate critical data. There are entirely new zero-day attacks, unlike anything we’ve seen before and which traditional defenses can’t recognize. And techniques continue to change.

One of the latest methods is ‘snowshoe’ malware, so named because, much like a snowshoe, which has a large but faint footprint that is harder to see, the attacker spreads a lot of small messages across a large area to avoid detection by traditional defenses. Snowshoe spammers rapidly change body text, links and the IP addresses used to send from, and never repeat the same combination. The possibilities are seemingly endless.

These various types of attacks are successful because they are well-disguised, blend different techniques, and constantly evolve. That’s what we as defenders need to do with our defenses – use a security architecture that supports a combination of defenses in ways attackers don’t expect and that continuously evolves protections to keep up with dynamic attacks. As security professionals, we’re all familiar with the concept of defense-in-depth and multi-layered protection. Traditionally, these approaches have been focused on the network, but they can and should be applied to email gateways as well.
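As an added example (not code from the article or from Webroot), the following Python models a layered email gateway over a constructed snowshoe campaign: a per-IP volume threshold and country blocking miss it entirely, URL reputation catches only the links already known, and cross-message template similarity ties the whole campaign together. All IPs, domains, the reputation list and the geo-block list are constructed values.

```python
import re
from collections import Counter
from itertools import combinations
# Constructed sample traffic (not from the article): six "snowshoe" messages,
# each from a different U.S. IP with varied wording, a fresh link and a random
# case number, plus two benign messages. IPs/domains are documentation values.
MESSAGES = [
    {"ip": "198.51.100.11", "cc": "US", "body": "Dear customer, your account needs verification, click here now 4821 http://a1.example/x"},
    {"ip": "198.51.100.12", "cc": "US", "body": "Dear user, your account needs verification, click here today 9930 http://b2.example/y"},
    {"ip": "198.51.100.13", "cc": "US", "body": "Hello, your account needs urgent verification, click here now 1177 http://c3.example/z"},
    {"ip": "198.51.100.14", "cc": "US", "body": "Dear customer, your account needs verification, please click here 5502 http://d4.example/w"},
    {"ip": "198.51.100.15", "cc": "US", "body": "Dear member, your account needs verification, click here now 7310 http://e5.example/v"},
    {"ip": "198.51.100.16", "cc": "US", "body": "Attention: your account needs verification, click here now 2044 http://f6.example/u"},
    {"ip": "203.0.113.5", "cc": "US", "body": "Hi team, the quarterly report is attached, see you at the meeting 1400"},
    {"ip": "203.0.113.6", "cc": "US", "body": "Dear customer, your order 88213 has shipped and will arrive on Tuesday"},
]
BAD_URLS = {"http://a1.example/x", "http://d4.example/w"}  # constructed reputation feed

def flag_by_volume(messages, threshold=3):
    """Layer 1: per-sender volume heuristic; misses one-message-per-IP campaigns."""
    counts = Counter(m["ip"] for m in messages)
    return {i for i, m in enumerate(messages) if counts[m["ip"]] >= threshold}

def flag_by_country(messages, risky=frozenset({"RU", "CN"})):
    """Layer 2: geo-filtering by sender country; misses U.S.-hosted infrastructure."""
    return {i for i, m in enumerate(messages) if m["cc"] in risky}

def flag_by_url(messages, bad=BAD_URLS):
    """Layer 3: URL reputation independent of country; catches only links already known."""
    return {i for i, m in enumerate(messages)
            if any(u in bad for u in re.findall(r"https?://\S+", m["body"]))}

def template(body):
    """Strip links, digits and punctuation so only the reusable wording remains."""
    return set(re.findall(r"[a-z]+", re.sub(r"https?://\S+", " ", body.lower())))

def flag_by_template(messages, min_sim=0.6, min_ips=3):
    """Layer 4: near-identical templates spread over many IPs are one campaign."""
    tpl = [template(m["body"]) for m in messages]
    near = {i: {i} for i in range(len(messages))}      # i -> messages similar to i
    for i, j in combinations(range(len(messages)), 2):
        if len(tpl[i] & tpl[j]) / (len(tpl[i] | tpl[j]) or 1) >= min_sim:  # Jaccard
            near[i].add(j)
            near[j].add(i)
    return {i for i, s in near.items()
            if len({messages[j]["ip"] for j in s}) >= min_ips}

def layered_verdict(messages):
    """Any layer can flag a message: the union is what the gateway acts on."""
    return (flag_by_volume(messages) | flag_by_country(messages)
            | flag_by_url(messages) | flag_by_template(messages))
```

Run on the sample, layers 1 and 2 flag nothing, layer 3 flags only the two known links, and layer 4 flags all six campaign messages while leaving the two benign ones alone.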

If our systems are getting infected, it is important to design a defense-in-depth framework that tackles both new and old malware and spam; spreading awareness of such malware scenarios and attacks will, of course, make that work easier in today’s Internet of Things world.

“Be Smart, Be Aware, as you are not alone in the malicious world.”

About the author Archana Chimankar

Archana Chimankar is an Information Security consultant. She completed an MBA in IT Business Management with a specialization in Information Security at Symbiosis International University (SIU) and is currently working with Tech Mahindra Ltd as a security consultant. She specializes in implementing and auditing various compliance frameworks such as ISO 27001 ISMS, IT General Controls, BCMS, PCI DSS, SAS70 etc. and in delivering security awareness trainings to different clients.

Edited by Pierluigi Paganini

(Security Affairs –  computer malware, cybercrime)
