Cybersecurity company Proofpoint recently uncovered a powerful new malware designed to steal credit card and password information from the Google Chrome and Mozilla Firefox browsers. Dubbed ‘Vega Stealer’ this is an upgraded version of an older malware called August Stealer. You can read all details on this attack in Proofpoint’s blog, but what peaked my interest is how attackers are going about getting users to download the malware in the first place.
Yet again, we’re faced with a malware campaign that uses phishing e-mails to distribute itself! I’ve highlighted on multiple occasions how email remains the infection vector for over 90% of malware and now, decades on from its emergence as a mainstream communications tool, I am puzzled as to why we are still having these discussions today.
I could highlight the ways in which organizations can better secure email, and (for the 100th time) dive deep into the simple precautions users need to take to mitigate the email-based cyber threats. But, I want to keep it extremely simple and sum up my thought into just one sentence-
Building your processes around receiving unsolicited Office documents, unverified links or other downloadable and clickable content from unknown third-party entities is simply not acceptable in the age of malware and attacks.
The advice for fixing the issues are always the same with taglines like “do not open attachments from someone you do not know or trust” – But how about avoiding this decision in the first place?
Today we have technologies that disarm content when it is received, basically dis-arming weaponized attachments and making the content usable, yet harmless. This allows you to still maintain your business process and receive mails with attachments, but your users no longer need to make decisions regarding which senders they trust and who they don’t.
A leader in this technology space is our partner OPSWAT with their data sanitization solution, also known as Content Disarm and Reconstruction (CDR). Instead of trying to identify malicious content, their approach assumes all files are malicious and proceed to sanitize and rebuild. This ‘trust no one’ approach is absolutely critical as today 98% malware use at least one evasive tactic and 27% malware evade detection from a single sandbox, according to a report by security as a service provider Cyren. OPSWAT thus maintains the files usability while ensuring it is completely safe. This approach is especially helpful against zero-day threats, the signatures of which are not yet updated in tradition detection-based solutions.
Talk to us about your e-mail security and fix weaponized attachments once and for all. And remember “Trust no file, trust no device” should be the mantra of the age of Malware.
Nicolai Solling, CTO at Help AG