This week I attended a webinar - "Breaking Botnets and Wrestling Ransomware 2018 Trends and Insights from Microsoft Security". I got some interesting insights:
Microsoft's Security Intelligence Report (SIR) has more details, and some good recommendations for enterprises to secure their data, network and users.
- Phishing is the new "low hanging fruit" vs. macro-based malware threat
- Phishing mails have been impersonating popular brands such as Microsoft associated brands, DocuSign, Dropbox, Apple, Amazon, FedEx, DHL, UPS, banks and government services
- 50% of SaaS storage apps and 40% of SaaS collaboration apps do not support HTTP headers session protection
- Only 4% of SaaS storage apps and 3% of SaaS collaboration apps support all HTTP headers session protection methods
- 28% of SaaS storage apps and 19% of SaaS collaboration apps do not support any type of data encryption method
- 79% of SaaS storage apps and 86% of SaaS collaboration apps do not encrypt data both at rest and in transit
- Greatest number of ransomware encounters were in Asia
- About 67% of incoming attacks on Azure services in 2H17 came from IP addresses in China (31.7%), USA (18%), and Russia (15.9%); with France trailing (6.7%) at forth spot
- 54% of malicious IP contacted by compromised Azure VMs in 2H17 were located in China, followed by 22% in USA
Microsoft's Security Intelligence Report (SIR) has more details, and some good recommendations for enterprises to secure their data, network and users.