SonicWall Cyber Threat Report – Web App Attacks Pt. 2

This list is often leveraged by the greater
security industry as a framework to protect
against common web app attacks.
Unfortunately, this dynamic also provides
cybercriminals with a better blueprint from
designing attacks.

Currently, the top known web attacks include
SQL injection, directory traversal, cross-site
scripting (XSS), broken authentication and
session management, cross-site request
forgery (CSRF) security misconfigurations,
sensitive data exposure and more.

SonicWall Cyber Threat Report – Web App Attacks

Web applications make the digital world spin,
particularly in a hyper-connected, cloud dominant
landscape. They help deliver the client-side
experience most end-users know and use within
their favorite browser.

Everything from Office 365 and G Suite, to
Salesforce and Dropbox, either deliver cloud-first
interfaces or offer web versions that complement
a software offering.

SonicWall Cyber Threat Report – Momentum of Perimeter-less Security

For decades, protecting networks was entirely focused
on defining perimeters and setting up defense layers to
keep threats out. And for years, this approach served
businesses well, with finite exposure points and attack
vectors that were guarded with some investment and
adherence to established best practices and frameworks.

Sonicwall Cyber Threat Report – Malware Variants Found by RTDMI

By forcing malware to reveal its weaponry in
memory, RTDMI proactively detects and blocks
mass-market, never-before-seen threats and
unknown malware, including attacks against
processor vulnerabilities and malicious PDFs and
Office files.

What are ‘never-before-seen’ malware variants?
SonicWall tracks the detection and mitigation of
‘never-before-seen’ malware.

Sonicwall Cyber Threat Report – Risks from Kits and Macros

New Exploit Kits Emerging
With of various cyber-criminal gang
members, some exploit kits (EK) have emerged to
replace older variants. But even the new EKs still
utilize fairly old Internet Explorer and Adobe Flash
vulnerabilities. Like their predecessors, they also are
mainly distributed via “drive-by-download” and
malvertizing campaigns.

Protecting your network

As of June 30, 2014, more than 1,000 data breaches affecting more than 500 patients each have been reported to the Department of Health & Human Services – for a total of roughly 32,000,000 people who have had their privacy compromised. And, according to the annual Redspin Breach Report, published in February of 2014, 7.1 million patient records were breached in 2013, a 137.7% increase over 2012.

And, the threat is getting broader.