By: Fahmida Y. Rashid, eWeek
Nearly 99 percent of enterprise-level networks have a serious gap in their IT security defenses enabling advanced malware to easily slip through, according to FireEye. Successful attacks typically exploit zero-day vulnerabilities and frequently change the attacking domains and code binaries to avoid detection, according to a new FireEye report. About 80 percent of enterprises in the report were hit with more than 100 new infections per week in the first half of 2011, according to a report from FireEye Malware Intelligence Lab released Aug. 31. If that number wasn’t high enough, 98.5 percent of enterprises have at least 10 infections a week, the report found. Malware authors tend to employ dynamic “zero-day” tactics to exploit vulnerabilities no one else knows about and can’t defend against. Even so, 94 percent of malicious binaries are being “morphed” or modified within 24 hours of releasing them to stay undetected by security tools. The attackers also change the malicious domains hosting the malware within hours.
Share on Facebook