A new malware compromise identified last week relied on malicious code that was officially signed and distributed by the software's own manufacturer, via a public download used by millions of people. It's a move that threw many organisations into a state of worry.

The Cisco Talos research team has disclosed its investigation into a popular software utility, CCleaner, which had been compromised and disseminated to more than two million users. Suddenly, a widely used application was found to contain malicious code. That code would be downloaded along with the legitimate installer and would then execute additional untrusted and unverified applications.

We are no longer defending solely against unknown applications. We are defending against our blind trust in digital signatures and prevalent applications – applications that gain inherent trust in our minds and in our existing computer protection systems and signatures.

As coffee flows and teams assemble to assess the scope and damage from these events, we should focus on how many organisations find themselves in this reactive position. Network defenders are typically faced with an unending number of threats against their environment through various types of attacks.

While general defences can be applied to protect against drive-by malware or attacks via email attachments, organisations are continually on the hunt for advanced threats that use unknown or uncommon techniques. This vigilance is both technically and emotionally draining for blue teams, who are busy plugging a thousand holes in the dam.