Greg Coticchia, President and CEO of Malcovery
Email continues to be the most common attack vector
(PRWEB) July 22, 2014
Malcovery®, the leader in delivering actionable threat intelligence that can be proactively applied to neutralize the danger and attacks by cyber criminals in the areas of phishing, spam and malware, released today the latest ‘Top 10 Phished Brands That Your Antivirus is Missing,’ a report that discloses leading brands that are most exploited by cybercriminals in phishing attacks with malicious spam. Malcovery delivers Today’s Top Threats (T3), threat analysis throughout the day, which informs enterprises of emerging cybersecurity threats found in spam email messages.
To receive a copy of this report, please visit: http://info.malcovery.com/top-phished-brands-report-q2-2014.
Email continues to be the number one threat vector in enterprise, despite the current ‘detect and respond’ infrastructure in place intended to stop it. According to industry analysts and leading pundits, “Email continues to be the most common attack vector” (Gartner), “Email attacks were the primary mechanism to deploy malware into enterprises either directly or indirectly.” (Verizon), and “67% of the time in large enterprises, email was the direct vector” (Verizon).
To combat attacks against phished brands identified in this report, and in general against all types of malware attached to email, Malcovery Security delivers Today’s Top Threats™, or T3, a SaaS threat intelligence service that includes both a daily report as well as machine readable threat intelligence (MRTI) to provide information security teams with in-depth intelligence about emerging threats that pose an imminent danger to an enterprise network. Unlike any other threat intelligence tool available n the market today for this purpose, T3 not only identifies malicious software in spam email as it emerges as a preventive measure, but also as a forensic tool to be used to examine your logs for evidence of an incursion.
T3 is based on the reality that the most dangerous email-based threats, (such as phishing, malware and spam) are successfully arriving in email inboxes before the majority of anti-virus, web filtering, IDS/IPS, etc., solutions have provided protection against them. According to a recent report by Verizon, investigating 621 data breaches, only 4% were detected by Network IDS (Intrusion Detection Systems) and only another 4% were detected by analyzing log files; most Anti-Virus programs didn’t detect any of them.
As a result, tens of thousands of computers and mobile devices are infected every day. Malcovery T3 is a unique service in that it not only identifies these email-based threats in advance of other services, but also prioritizes them so that busy security practitioners can focus on the time-sensitive issues that are missed by other vendors and sources of threat intelligence.
Malcovery T3 delivers not only contextual information about ‘indicators of compromise’ but also data that is available in multiple formats, including XML, CSV and STIX (Structured Threat Information eXpression). By supporting these formats and standards, Malcovery allows its threat intelligence to become actionable in machine-readable language that organizations can use to efficiently incorporate the latest threat information into their security infrastructures.
“Phishing and malicious spam continue to threaten networks and brands, and as a result, the key question a company needs to ask about the brands listed in this report is ‘Would any of my employees ever respond to an email from one of these brands?’ If so, your business may already be infected with malware,” stated Greg Coticchia, cofounder, President and CEO of Malcovery Security.
Key benefits of T3 are:
➢ Get critical, actionable intelligence faster. Learn what email-borne threats are active today, now. Use the information to block users’ access to malicious email messages and harmful URLs before they click to open or access them.
➢ Get broader coverage and stronger protection from threats. Integrate the intelligence from T3 into your existing security infrastructure to automatically fortify your defenses as soon as threats are detected.
➢ Learn the indicators of compromise. T3 can tell you exactly what to look for within your network to determine if an infection or active attack is underway so that you can remediate the problem sooner.
➢ Get proactive protection against future attacks. By blocking access to the known malicious infrastructure reported in T3, you can protect your network from future attacks that can be expected to use that same infrastructure.
➢ Get more value from your existing security infrastructure. T3 information is a complement to your existing defenses. Get better ROI from the tools you already have deployed.
➢ Use real scenarios in your security education programs. As phishing and spearphishing campaigns use social engineering lures that are more believable, your end users are more likely to fall for them. Use the real scenarios that are provided in T3 to train your employees to avoid becoming victims.
➢ Provide better customer service through security awareness and outreach. Proactively inform your end users about threats they may encounter to help them be more security-aware.
As enterprises are moving from a traditional, reactive ‘detect and respond’ stance to an ‘intelligence–led’ prevention approach, enterprise security professionals, such as those in incident response organizations, can protect their networks more proactively from emerging threats that pose imminent danger. Addressing this change in the market, Malcovery recently released a white paper entitled “Fortify Your Network Protection with Actionable Intelligence using Today’s Top Threats,” available as a free download at http://info.malcovery.com/fortify-your-network-protection-with-actionable-intelligence-using-todays-top-threats.
Malcovery was launched as a result of an exclusive worldwide license with the University of Alabama at Birmingham (UAB) and is based on research conducted at the UAB Center for Information Assurance and Joint Forensics Research (CIA|JFR). The company has quickly gained commercial success with enterprise customers such as eBay, Facebook, IBM, VISA, Citi, Assurant, Regions, and Dollar General. Key business/technology partners and resellers include IBM, Agari, ReturnPath, Internet Identity (IID), PPMA, Bishop Technologies and ReSoft International
About Malcovery®
Security Malcovery Security protects networks and brands against email-based attacks. It is the leading provider of actionable cyber security intelligence and forensic analysis about email-based threats (phishing, spam and malware).
Delivered as a suite of subscription services, the company's patented and patent-pending technology provides the ability to identify the root sources of cybercrime attacks (servers, perpetrators, locations, etc.), delivering rich actionable intelligence information about cross-brand attacks and targeted attacks, as well as advanced notification of emerging email-based threats.
Unlike services that serve only as a reactive response to these attacks today--services that simply address the symptoms but cannot provide the intelligence to actually stop the cybercriminal and their activities--Malcovery Security's solutions provide the unique intelligence required to respond effectively to attacks on customers' brands to disrupt email-based threats on an organization.
Malcovery Security has offices in Pittsburgh, PA and Birmingham, AL. For more information, please visit http://www.malcovery.com or connect with Malcovery on Facebook (facebook.com/malcovery), Twitter (@malcovery), and LinkedIn (http://www.linkedin.com/company/malcovery-security).
Editor's Note: Malcovery® is a registered trademark. 'Identify the Source. Stop the Threat.’ is a trademark of Malcovery Security, LLC. All other trademarks mentioned herein are the protected properties of their respective owners.
