"New Threat Report Finds Email Prime Vehicle for Malware"

The Threat Insights Report recently released by HP and Bronium found that 88 percent of malware was delivered via email in the fourth quarter of 2020. In the delivery of malware by email, threat actors have been successful at circumventing measures implemented for email gateways to filter out malicious emails. Email will remain a major attack vector for cybercriminals due to the continued success at exploiting the human factor. The report also highlighted a 12 percent rise in the delivery of malware that exploits a Microsoft Word remote code execution vulnerability and a 12 percent increase in the use of malicious executable files. Of the malware threats captured in Q4 2020, 29 percent were unknown by hash to antivirus scanning engines when they were isolated, primarily due to the widespread use of packers and obfuscation techniques used by threat actors to avoid detection. On average, it took 8.8 days for malware samples to become known by hash to antivirus engines. Experts call on organizations to invest more in resilience than prevention to minimize the impact of attacks as prevention strategies are expected to continue having a high failure rate due to the constant emergence of zero-day vulnerabilities. This article continues to discuss the use of email as the main vehicle for delivering malware, the circumvention of traditional detection-based tools, what obfuscation techniques are being used by attackers, and the need for organizations to increase their investment in resilience to bolster their security. 

TechNewsWorld reports "New Threat Report Finds Email Prime Vehicle for Malware"