Britons place trust in banks to provide biometric services

Visa has conducted extensive research into consumer attitudes to biometric payments.The results show that Britons place trust in their banks to provide biometric services.

“This study establishes that there is a strong desire on the part of consumers to have a secure user experience when interacting and transacting online. The desire, may not align with the reality of the situation. Physical biometrics such as fingerprints, selfies and voice authentication aren’t fool proof, and there are challenges that may block widespread adoption in non-face-to-face interactions.
The fact that 85% of respondents see banks as the most trusted institution in the provision of biometric authentication isn’t surprising, given that they are part of the authentication lexicon, and solutions such as Apple’s Touch ID have given consumers a glimmer of the future of biometrics, while delivering outstanding user experience. 
Physical biometrics can be part of a good multifaceted approach, but they are still static data points that can potentially be misused in the wrong hands. While not generally acknowledged by the general public, fingerprints, voice and retinal scans can be spoofed. And, unlike passwords, physical biometrics can’t be changed. It’s the lasting and permanent nature of physical biometric data that may have more negative impacts than passwords since, as in the OPM Breach, once these have been released into the wild, they pose a risk for the lifetime of the victim who can do nothing to change this core data.
Loss of fingerprint data is not just a theoretical concern, as several large breaches over the last couple of years have exposed fingerprint data en-masse. As stolen data is often traded and consolidated into larger, more accurate profiles that can be re-used for a number of nefarious purposes from espionage, to identity theft, and financial fraud. Selfies and voice biometrics have contextual issues, like, it may not always be appropriate to take a selfie or provide a voice sample to authorise an online transaction. Particularly in a place where such activity may be frowned upon or disruptive (such as a meeting, on public transit, airports, or in a culturally sensitive place). Beyond social and cultural issues, there are concerns how a move to physical biometrics may provide a false sense of security to consumers and institutions, given the wealth of physical biometric data that is shed by a person through their day-to-day life.
While liveness verification has become a standard in modern physical biometric verification systems, they are not without flaws that allow pre-recorded or captured biometric data to be replayed. Voice samples are recorded with every voicemail you record. Fingerprints are left behind on every object you touch. Your iris and facial data is recorded with every photo you pose for. Recent data breaches have also shown that high fidelity physical biometric data can be stolen in bulk, just like credit card numbers and user credentials – effectively making these physical biometrics more static data that can be stolen and reused to impersonate you in non face-to-face transactions.
The true strength of behavioural biometrics is in providing trust. While the consumer trusts the fingerprint, or the voice print, retinal scan or any other visible security the bank may choose, that is what they see and how they feel – it’s the guard at the door, if you will. Using passive and invisible behavioural biometrics (BB), the bank can also have full trust in their key objectives, protecting the user account and providing a good customer experience. In this way BB solutions can draw a straight line to a trust-trust relationship between banks and customers.
Another advantage of BB solutions is that they use non-static signals and indicators of human identity – signals that cannot be stolen, reused or replayed for impersonation. It can therefore provide a high degree of confidence in the identity of the user. Passive biometric solutions identify suspicious activity in a completely passive and non-intrusive way by understanding how a legitimate user truly behaves in contrast to a potential fraudster with legitimate information. So, even if the fraudster has your spoofed fingerprint, and all of your account information, organisations can look at your behavioural events, biometrics, device, geography and other layers to determine if you are the real actor behind the device or fingerprint.  
Additionally, with BB, users can even be rewarded for good behaviour with a white glove experience, or extra perks and incentives, giving banks and e-commerce companies the unheard of potential to actually improve their brand experience with their security layer.”

Robert Capps, VP of business development at NuData Security.



WIRED Security 2016 discount offer for DFMag readers

WIRED Security (20 October 2016) is a new one-day event, which will gather more than 20 industry-leading Main Stage speakers, plus an exciting selection of startups and growth-stage companies working in the fields of software, intelligence and security services. 

WIRED Security will welcome policy makers, hackers, enterprises, regulators, security software specialists, data brokers, cryptographers, social media companies, academics, startups, law enforcement and the intelligence community.


Speakers include:


• Sir David Omand, Former Director of GCHQ

• Alex Rice, Co-founder and CTO, HackerOne

• Patricia Lewis, Research Director, International Security, Chatham House, UK.

Agenda topics include: The Threat to Enterprise and how to build in resilience, Open Source and Predictive Intelligence, National Security and What We Can Learn from Hackers and Emerging Threats.

 Click here  to find out more and book your place today using code WSDIG25 to receive a 25% discount.




Digital Forensics Rescues Retro Video Games and Software

The box cover for Asteroids for the Atari 7800 gaming system, one of roughly 25,000 titles of vintage video games and productivity software applications in the Stephen M. Cabrinety Collection in the History of Microcomputing.
Credit: Courtesy of Department of Special Collections, Stanford University Libraries.

Starting in the mid-1980s, a young man named Stephen Cabrinety filled his home with video games and software. Unopened boxes were piled to the ceilings—everything from early word processing programs such as WordStar to vintage releases of Pong, Doom and SimCity. Although at the time some might have thought he suffered a peculiar obsession, today the Cabrinety collection is considered a priceless snapshot of our culture—one captured just as the digital tsunami that would forever change our civilization was hitting our shores.Cabrinety did not live to see what would become of his efforts—he died of Hodgkin’s lymphoma in 1995 at the age of 29—but his collection has achieved a sort of digital immortality. The Stanford University Libraries, which acquired the collection in 2009, and the National Institute of Standards and Technology (NIST) have just completed a multi-year effort to rescue the collection’s digital content from the Atari game cartridges, 5-1/4 inch floppy discs, magnetic tape and other deteriorating storage media that held it. That salvaged data is now safely archived on servers at the Stanford Digital Repository and has been added to NIST’s National Software Reference Library, a resource that supports digital forensic investigations.

The Cabrinety collection includes some 25,000 software and video game titles, as well as the original box covers and other period artwork they shipped with. The collection also includes game consoles, magnetic tape readers, bulky hard drives, and other relics of the era. 

This collection has obvious appeal for retro gamers, but its value is much more than nostalgic. 

“Most of human culture today is created and consumed using digital software,” said Henry Lowood, who, as curator of the History of Science and Technology Collection at the Stanford University Library, led the library’s effort. “How we write has changed. How we communicate has changed. Art, education, entertainment have all been changed by the advent of computing and software. We wouldn’t be able to say much about the evolution of human culture in the late 20th century without collections like these.”

Digital Forensics Meets Cultural Preservation

Every time a book is published, a copy is deposited at the Library of Congress. Other institutions are dedicated to archiving music and film. But there is no single repository where software goes to be preserved for the ages.

There is one that comes close, however: NIST’s National Software Reference Library (NSRL), a vast and constantly updated archive of software titles in their numerous versions. The NSRL is the largest collection of its kind in the world that is publicly known.

NIST maintains this collection not to preserve cultural history but to provide a forensic tool for law enforcement and national security investigators. NIST runs every file in the NSRL through a hashing algorithm that generates a virtually unique digital fingerprint for each—over 180 million of them so far—and makes them publicly available. When investigators seize a computer as evidence, they use those digital fingerprints as a known file filter, so they can quickly separate irrelevant files from those that might contain evidence. 

For instance, after Malaysia Airlines flight MH370 disappeared somewhere over the Pacific in March 2014, the FBI called NIST. “They wanted every hash of every file associated with every flight simulator we had,” said Doug White, the NIST computer scientist who runs the NSRL. “All the maps. All the routes. They wanted every flight path the pilot might have practiced on, so they could figure out where he might have gone.”

A Dream Assignment

It takes a particular personality to spend one’s life feeding the NSRL. You would need the passion of a collector, the sensibility of a curator, the technical skill of a computer scientist, and the ability to find satisfaction in a job that you know will never be done. 

Box cover for Sim City video game

The box cover for SimCity for Macintosh computers, one of roughly 25,000 titles of vintage video games and productivity software applications in the Stephen M. Cabrinety Collection in the History of Microcomputing.

Credit: Courtesy of Department of Special Collections, Stanford University Libraries. In other words, you’d have to be a bit like Stephen Cabrinety. And in fact, White does share a number of traits with the man whose collection he’s helped to preserve.

“We’re just one year apart in age. We both grew up in East Coast suburbs. And I’m also a bit of a collector,” White said, gesturing sheepishly at the towering piles in his office.

So when NIST and Stanford University teamed up on the project, it was a dream assignment for White. He remembers the day in 2012 when the first box from Stanford arrived at the NIST campus in Gaithersburg, Maryland. Inside were early versions of Doom and SimCity, still in their shrink-wrapped boxes.

“For me, it was like opening King Tut’s tomb,” White said.

Those titles were printed on 5-1/4 inch floppy discs, and extracting the data was relatively straightforward. Other titles presented greater challenges, such as those that were published on audio cassette tape. To load up those programs, you play the sound into a computer. 

“It sounds like a modem squeal, with all the hiss and static,” White said. Different manufacturers formatted the sound differently, and White had to find documentation for each. “Sinclair computers stored it one way. Commodore stored it another.”

A Visionary’s Legacy is now Secure

So, can you log in to the Stanford University Library server and play the earliest version of Activision’s Pitfall! in your browser?

The box cover for Mario Bros. by Nintendo for the Atari 2600 gaming system, one of roughly 25,000 titles of vintage video games and productivity software applications in the Stephen M. Cabrinety Collection in the History of Microcomputing.

Credit: Courtesy of Department of Special Collections, Stanford University Libraries.

Not yet, said Lowood. “Our first priority was to make sure that the data survived.” Now that it has, the Stanford team hopes to begin working on systems that will load the games and applications. In the meantime, the collection is available for viewing at the Stanford University Library.

The partnership between Stanford and NIST was a boon to both. Stanford benefited because, even though the NSRL is principally used for forensic investigations, it turned out to be perfectly suited for this type of cultural preservation. And NIST benefited by adding a large volume of software to the NSRL, some of which still turns up when old hardware is included among evidence seized in an investigation.

But for all the work by experts at NIST and Stanford, the most important partner in this project was the one who came first. Cabrinety was more than a collector. His dream was to create an educational and research archive for future generations to study. In 1989, when he was all of 23 years old, he founded CHIPS—the Computer History Institute for the Preservation of Software, arguably the first nonprofit institution of its kind. Cabrinety died too young, but with his collection now saved for posterity, his dream lives on.



 UK consumers more concerned about financial information and medical records being stolen than private family details

 Centrify, has released findings from its 2016 Consumer Trust research study that examined consumer attitudes toward hacking, including what information people most fear being hacked, how often people change their passwords and how aware they are when a hack does occur.
The online study reveals that people are most worried about credit cards or bank statements being hacked, with 85 per cent in the UK ranking it a top concern, well ahead of the US and Germany (78 per cent).
The study, which surveyed 2,400 people in the US, UK and Germany, also found that consumers are very concerned about financial investment information falling prey to hackers, with 56 per cent in the UK, 58 per cent in the US and 43 per cent in Germany citing it as a top concern. This is followed by health and medical records, with 45 per cent in the UK (46 per cent in the US and 48 per cent in Germany) saying they are most worried about this information being hacked.
By contrast, people are much less worried about family information falling into the hands of hackers, with less than half citing this as a top concern in all three countries – 41 per cent in the UK, 44 per cent in the US and 43 per cent in Germany. Hacks related to a person’s criminal history, web browsing history and dating profile information are of the least concern.
The study also shows that when personal information is hacked, customers do not always hear about it directly from the targeted business that holds their data. At least half of respondents in each country who were victims of a hack said they heard about the hack via the news. Younger people are more likely to hear about hacks via social media.
Additionally, the survey reveals that, despite the growing media spotlight on high profile hacks, most consumers have poor password habits and do not take adequate precautions to protect their personal information. One-third of UK consumers change their passwords once a year, less or never!
Andy Heather, Vice President and Managing Director EMEA at Centrify, comments: “People can no longer afford to put their data at risk. To protect themselves and their personal information, they need to improve their password hygiene and follow simple precautionary steps, such as monitoring their online accounts and frequently changing their passwords. They should also look to organisations, including retailers and banks, to offer additional or next-level security such as multi-factor authentication (MFA) or biometrics as part of their own security processes and do business with them.”
Over two-thirds of people in the UK do most or all of their banking online, and about one-third do most or all of their shopping online, according to the study, making them increasingly vulnerable to attacks. The good news is that many people are eager to improve their online habits. The study reveals that frequent password changes are more common among those who have had their personal information hacked in the past and those who tend to do more online shopping.
The survey also indicates that they are willing to invest time in going through security processes if it makes them safer. More than half of all Germans (52 per cent) expressed a willingness to spend at least 10 minutes on security measures, followed by 46 per cent in the US , but just 30 per cent in the UK.
Half or more selected a fingerprint ID as one of the top two security measures they would be comfortable using. The alphanumeric password (a combination of letters and numbers), the four-digit password and voice ID follow. The study reveals that people are much less comfortable with a graphic password, GPS locator and the ability to erase data remotely.



New spyware uncovered in Google Play Store

On the heels of the Trident iOS vulnerability news, Lookout’s Security Research & Response team has uncovered a new piece of spyware, this time affecting several apps live in the Google Play Store.
The spyware, called Overseer, was identified in four apps, one of which claimed to provide search capabilities for specific embassies, suggesting that the app was designed to target foreign travelers.
Current variants of Overseer gather and exfiltrate a significant amount of personally identifiable information, including:

1.Users’ contacts, including name, phone number, email, and times contacted
2.All user accounts on a compromised device
3.Precise location, including latitude, longitude, network ID, and location area code
4.Free internal and external memory



Vulnerable DVR System Ready to Become a DDoS Botnet

Following the news that another vulnerable DVR system is ready to become a DDoS botnet,Alex Mathews, EMEA technical manager at Positive Technologies, has made a comment: 

“The presence of easy-to-exploit vulnerabilities and backdoors in DVR devices is not breaking news. Positive Technologies security specialists have already been detecting several critical DVR vulnerabilities in 2013 including issues related to the so-called “master passwords” that allow attackers to access DVR systems remotely, to change or delete the records, to attack the other parts of corporative networks from hacked DVRs or use them for botnets: The vulnerable firmware we found, including Samsung Web Viewer, is used in many DVRs sold under dozens of brands throughout the world and widely available via Internet (more than 500 000 at the moment of the vulnerabilities’ discovery).

The DVR vulnerabilities are often very primitive and easily found even without high-level skills. The problem is that DVR manufacturers usually do not develop their own firmware completely and use third-party solutions. Such firmware can be distributed through dubious channels, so DVR manufacturers may not even be aware of some hidden undocumented features. For instance, vulnerabilities detected by our specialists were present in a popular firmware, used and updated by different manufacturers. These firmware vulnerabilities affected a very wide variety of devices from different vendors.

However, many manufacturers are not really concerned about issuing updates and establishing mechanisms to make them available directly to devices or distributed to users. The process of fixing vulnerabilities gets more complicated when using third-party firmware: a DVR manufacturer does not have full control over it and does not know how to modify it.One of such manufacturers of popular and vulnerable firmware we tried to reach out to (so they could fix vulnerabilities) did not respond.

Private companies are also exposed to risks associated with vulnerabilities and security breaches of DVR devices. An intruder can use these vulnerabilities to conduct APT attacks against the company’s network. Typical security tools usually fail to detect the intrusion (the classic antivirus approach is not effective in this case).

For all these reasons, a hacked DVR easily becomes a malicious minicomputer device in your network, and attackers can potentially install their own software on this device. The backdoor in DVR devices may be left unnoticed for a long period of time.

To protect yourself, we recommend you to isolate such devices from the Internet (by changing your router and/or firewall settings). We also advice restricting Intranet access to DVR devices for a while. Allow access only to certain IP addresses that reasonably require access (for example, to administrators). At the same time, you should restrict the DVR access to the network allowing access only to necessary IP addresses, and place such devices in an isolated network.”



A cyber attack on biometric data could pose significant risks at border

Canada’s Border Security Agency warns that a cyber attack on their facial recognition or fingerprints databases could result in barring innocent travellers from Canada — or letting the wrong people in. Officials said they need to “keep pace with emerging security vulnerabilities” to systems governing who can enter the country. The agency’s growing use of “biometric” data — such as fingerprints, facial recognition, and retinal scans — was cited as an example. 
Commenting on this, Robert Capps, VP of business development at NuData Security, said: 

“Physical biometrics work best when the person being authenticated has physically presented themselves to the authenticating party, which is why fingerprint and iris scanners work well in a border control setting – they are hard-wired, monitored and nearly impossible to spoof. However in a non face-to-face interaction, using a single biometric data point to authenticate a user is no different than adding a second, static password. In a way, in certain scenarios, they could be worse: a stolen or leaked password can be reset, your finger or iris print cannot.
High-quality reproductions of a fingerprint (a static image) or a recorded heartbeat (a set, basic pattern) can be captured and reused, and can be stolen en masse, like the 5.6 million fingerprints stolen from the Office of Personnel Management last year. Even low-tech methods can produce results, like the infamous gummy bear hack for fingerprint scanners. There is also a very real threat of fraudsters going after individuals in person, to garner physical biometrics for nefarious activities – such fears are steering away risk-adverse companies. The sheer breadth of damage that can be done with just one piece of personal, biometric information highlights the sophistication of today’s hacker and shows what security teams must now deal with.
If ANY border service agency was breached, and we have to be clear that there is no indication that it has been a breach, there is a risk. By combining the information stolen from such a breach and other breaches, cyber criminals have the potential to piece together very comprehensive user identities. One frightening example is the “Facebook of Everything” that China’s intelligence service is compiling from the personal data stolen over several high-profile U.S. cyber breaches including OPM. Their stated goal is to compile it into a massive Facebook-like network to build a profile of everyone — with more details than Facebook.
In other words, they’ve now got a full database of information that could be used for multiple fraudulent and nefarious purposes into generations to come. They are able to use the stolen information and fingerprints to create more comprehensive ‘identity bundles’ which sell for a higher value to hackers. With more complete information, more damaging fraud can take place. As an example, if I’m a hacker and gain access to geographical data on John Smith from breach one, and bank account information from breach two, I can fill out a loan application or apply for a new credit card as John regularly would. This is true for the millions of stolen fingerprints as well, especially with the increased adoption of touch/fingerprint-based authentication for mobile banking and payment apps. Unlike passwords, fingerprints can’t be changed, last a lifetime, and are usually associated with critical identities.
Identity protection services or credit monitoring aren’t enough when it comes to biometric identity theft. Fingerprints cannot be changed. Spoofing fingerprints is no longer something from a sci-fi movie. It is happening and will increase more as cheaper tools make their way onto the dark web, and even WikiHow has a step-by-step guide.
Fortunately, user behavioural biometrics (BB) can provide the extra layers of protection even after hacks have occurred. Online fraud detection solutions using BB can stop fraudsters in their tracks by identifying suspicious activity, in a completely passive and non-intrusive way. This is accomplished by understanding how a legitimate user truly behaves in contrast to a potential fraudster with legitimate information. Even if the fraudster has your spoofed fingerprint, and all of your account information, organisations can look at behavioural events, biometrics, device, geography and other layers to determine the real actor behind the device or fingerprint. Without even interrupting a user’s experience, fraud can be predicted and prevented from occurring.”



Donald Trump’s campaign website leaks intern resumes

Following the news that Donald Trump’s campaign website leaks intern resumes,the following comments have been received from members of the security industry;
Lee Munson, security researcher for

“Love him or hate him, Donald Trump has a real shot at the White House in the upcoming US elections. Should that worry the security-conscious among you? – Hell yeah!
Even if you are not concerned by his request to Russian President Vladimir Putin to cyber-attack his country to boost his chances of being elected, the fact that his own website allegedly has more leaks than Hillary Clinton’s private email server should be enough to convince you that American information assets are at peril.
Not that such concerns are only the preserve of ‘The Donald’. In what is arguably the most cyber-attacked nation on earth, the federal government’s inability to protect its own citizens’ data at the Office of Personnel Management, and elsewhere, shows the self-proclaimed keeper of the worldwide web has much work to do before and after its people go to the polls on November 8.”

Tim Erlin, Director, Security and IT Risk Strategist at Tripwire:

“Cybersecurity isn’t a partisan issue. Both Democrats and Republicans alike are capable of misconfiguring settings and failing to patch vulnerabilities.
Campaigns are often difficult entities to secure. They aren’t permanent organizations, and their staff and needs change rapidly. Campaigns do handle sensitive information routinely, and securing that data needs to be part of their charter from the start.”

Robert Page, Lead Penetration Tester at Redscan:

“Vulnerabilities like the one affecting the official website of Donald Trump are all too common, enabling hackers to bypass authorisation controls to access sensitive files.
While in this instance, the breach appears not to have been particularly serious, intrusions like this can be significantly more damaging if hackers research site file naming conventions to conduct wider, more targeted brute force attacks.
A cyber breach can cause severe reputational damage to an individual or organisation so it’s important that websites are regularly penetration tested by security experts to ensure that flaws, such as the one highlighted here, are addressed.”

Jonathan Sander, VP of Product Strategy at Lieberman Software:

“The Trump website leak could have happened to anyone – anyone who is more concerned about business results than security. When you put it that way, it sounds as if the Trump campaign was extremely careless with this data, but the sad truth is that’s not the exception, it is the rule. Some person likely set up the system in the most expedient way possible, and no one reviewed the security until someone acted like a bad guy, which is the story of most breaches. There’s also a question here about the design of the system itself encouraging better security in how it walks the user through set up. In the end, this falls to the person hired by Trump to do this configuration, someone who may today be heading towards the iconic “you’re fired” right from the man who made it famous.”



ClixSense data breach exposes personal information of 2.2 million subscribers

ClixSense, a website which offers users cash in return for completing surveys and watching ads,admitted to a data breach in which an attacker was able to gain access to the firm’s database. In total, 2.2 million records have been published, leaving the data of an additional 4.4 million up for grabs to the highest bidder.

“According to reports, this is another case of poor asset management. Having unpatched servers, no longer in use that are still connected to the network and accessible via the Internet, is nothing more than asking for trouble. A simple analogy to this is like locking all your doors and windows on the first floor of your flat, while keeping a ladder in place leaning against the 2nd story window – where the window is left wide open. You might as well invite the criminals to come in via ladder you left in place. At some point, organisations must be held accountable for their failures concerning “due diligence” – or the lack there of…”

– Stephen Gates, chief research intelligence analyst at NSFOCUS. 



New Bromium research: Ransomware explodes while app, browser and plug-In vulnerabilities increase

Bromium®, Inc., is releasing its semi-annual Bromium Labs Threat Report, an analysis conducted by its research team on cyber attacks and threats affecting enterprise security over the last six months. The findings show that as Microsoft has improved Windows security it seems to be paying off. The good news is while the number of vulnerabilities is steadily increasing, not all exploitable vulnerabilities are actually exploited. The bad news is, criminals are working harder to get protected data. As a result, there’s been an uptick in recent high-profile data breaches and ransomware attacks.
Key findings include:
Vulnerabilities are on the rise, with 516 reported to the National Vulnerability Database in the first six months of 2016, compared to 403 vulnerabilities reported in all of 2015.
Despite the spike in vulnerabilities, Bromium researchers found fewer exploitable vulnerabilities in popular software systems, including Adobe PDF (0 exploits), Chrome (0 exploits), Internet Explorer (2 exploits), Firefox (0 exploits), Java (0 exploits), Microsoft Office (2 exploits) and Silverlight (1 exploit) than in previous years. Bromium credits this to software vendors’ growing attention to security.

The most notable exception for increasing exploits remains Adobe Flash, which had 31 exploits in the first half of 2016—up from eight exploits in all of 2015—a 74 percent increase. While some security vendors block Flash or have dropped support, Flash remains popular among end users and remains one of the top targets for criminals.

Neutrino and Rig are the most used exploit kits. Angler and Nuclear kits were on the list but disappeared in the first week of June. Industry experts believe crackdowns on cybercrime groups caused attackers to switch to Neutrino and Rig to keep malware campaigns going. Bromium researchers note this is likely, referencing a similar case in 2013 when the author of Black Hole (at the time the most used exploit kit) was arrested and attackers pivoted to Angler. Bromium Labs maintains that, despite crackdowns, attackers will continue to switch to other kits to keep attack campaigns running.

The Bromium analysis confirms there’s a gold rush of ransomware happening now. Since the beginning of 2016, dozens of new ransomware families have been released into the wild. The current market leader is Locky, with 755 tracked instances infecting removable drives and RAM disks.

“As an industry, we’ve always said there’s no one silver bullet to address the complexities of attacks that are affecting our business. However, our latest research shows that enterprises and vendors alike are stepping up to do a better at securing their networks and data,” said Rahul Kashyap, EVP and chief security architect at Bromium. “But there’s still work to be done. Old attack tactics like phishing and watering holes persist, and new attack techniques are always emerging. Automated attacks are consistently bypassing anti-virus (AV) solutions; and malware is morphing every new instance in a network to bypass and therefore render AV useless.”

“Over the course of the next year, I expect attackers will continue to leverage social engineering tactics to exploit users. What’s abundantly clear from our report is that the need to implement instant protection, detection and remediation is more critical than ever,” added Kashyap.
The Bromium Labs Threat Report is based on the results of a comprehensive analysis of threats detected through the Bromium Platform, the industry-leading solution that provides complete defence-grade protection against zero-day malware and targeted attacks on the endpoint.