Anti-virus Software: Ineffective Against Surging Zero-Day Malware

In the latest report from network security firm WatchGuard, researchers found that zero-day malware made up 74 percent of all threats detected in the first quarter of 2021. The figure is significant because many mainstream anti-virus programs rely on signatures of malware they have already seen and so cannot detect this type of threat. It is the first time these evasive threats have outnumbered traditional, signature-detectable malware.

The experts hope organizations recognize this finding as another example of the importance of establishing a "layered, proactive security strategy that involves machine learning and behavioral analysis to detect and block new and advanced threats."

The report also lists the ransomware Zmutzy as one of the two most common malware threats by volume. It relies on a simple file-name trick, a comma in place of the period or a manually adjusted icon, to make a zip archive look like a legitimate PDF file.
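The defence against a name-based disguise is to classify an attachment by its content rather than by what the name suggests. The following Python is an added example written for this page, not code from WatchGuard or from the Zmutzy analysis: it reads the leading bytes (the file's magic signature) to decide whether a blob is really a PDF or a ZIP, compares that with what a user would read into the name (accepting either "." or "," before "pdf", since both render the same to the eye), and flags the mismatch. The sample file names and contents are constructed for the demonstration and are not taken from the report.

```python
"""Flag attachments whose name reads as a PDF but whose bytes are a ZIP.
Added example for this article; not code from WatchGuard or the report.
All sample names and payloads below are constructed for illustration."""
import io
import re
import zipfile

# File signatures (magic bytes). A PDF starts with "%PDF-"; a ZIP starts
# with one of the "PK" local-header, end-of-central-directory or spanned
# markers, whatever the file is called.
PDF_MAGIC = b"%PDF-"
ZIP_MAGICS = (b"PK\x03\x04", b"PK\x05\x06", b"PK\x07\x08")

# A user reads "Invoice.pdf" and "Invoice,pdf" as the same thing, and a
# trailing real extension (".zip") may be hidden by the file browser, so
# the name "claims" PDF if a '.' or ',' followed by "pdf" appears anywhere.
PDF_NAME_RE = re.compile(r"[.,]\s*pdf(\b|$)", re.IGNORECASE)


def sniff_type(data: bytes) -> str:
    """Classify content by its leading bytes, ignoring the file name."""
    if data.startswith(PDF_MAGIC):
        return "pdf"
    if data.startswith(ZIP_MAGICS):
        return "zip"
    return "unknown"


def name_claims_pdf(name: str) -> bool:
    """True if a person glancing at the name would take it for a PDF."""
    return PDF_NAME_RE.search(name) is not None


def zip_member_names(data: bytes) -> list:
    """List the members of a ZIP so the analyst sees what actually arrived."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return zf.namelist()
    except zipfile.BadZipFile:
        return []


def assess(name: str, data: bytes) -> dict:
    """Compare the claimed type (from the name) with the real type (from bytes)."""
    actual = sniff_type(data)
    claims_pdf = name_claims_pdf(name)
    result = {
        "name": name,
        "claims_pdf": claims_pdf,
        "actual": actual,
        # Suspicious whenever the name says PDF but the bytes say otherwise.
        "suspicious": claims_pdf and actual != "pdf",
    }
    if actual == "zip":
        result["members"] = zip_member_names(data)
    return result


def scan(samples: dict) -> list:
    """Assess every (name -> bytes) pair in a mailbox-style batch."""
    return [assess(name, data) for name, data in samples.items()]


def build_zip(members: dict) -> bytes:
    """Helper to construct an in-memory ZIP for the samples below."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for member_name, payload in members.items():
            zf.writestr(member_name, payload)
    return buf.getvalue()


# Constructed samples (hypothetical names and contents, not real malware):
SAMPLES = {
    # Comma-for-period trick: shows as "Invoice,pdf" with extensions hidden.
    "Invoice,pdf.zip": build_zip({"Invoice.exe": b"MZ" + b"\x00" * 8}),
    # Plain double-extension variant of the same idea.
    "Statement.pdf.zip": build_zip({"Statement.exe": b"MZ" + b"\x00" * 8}),
    # A real PDF and a ZIP that does not pretend to be anything else.
    "Report.pdf": b"%PDF-1.7\n%constructed sample\n",
    "archive.zip": build_zip({"notes.txt": b"hello"}),
}

if __name__ == "__main__":
    for row in scan(SAMPLES):
        print(row)
```

Run as a script it prints one assessment per sample; only the two archives whose names read as PDFs come out flagged, with their member names listed. A manually changed icon does not survive this check either, because the icon is a property of the name or container, not of the bytes being inspected.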

Another key finding is the rising popularity of the fileless malware variant XML.JSLoader. Fileless malware executes inside legitimate programs, such as the system's own script interpreters, without dropping its own executable on disk and without user interaction, so there is little for a file scanner to inspect. That makes endpoint detection and response tooling that watches process behaviour an essential part of system security. "New WatchGuard Research Reveals Traditional Anti-Malware Solutions Miss Nearly 75% of Threats" www.globenewswire.com (Jun. 24, 2021).

Commentary

The term borrows from zero-day vulnerabilities, software flaws that are exploited before the manufacturer knows about the weakness and develops a patch for it. In the report's usage, zero-day malware is malware for which no detection signature exists when it arrives; it may or may not exploit an unpatched vulnerability. Since traditional anti-virus products match files against a database of signatures of known malware, they are by definition ineffective against samples that are not yet in that database.

Keeping your software and security patches up to date is essential. The zero-day window of opportunity for cybercriminals cannot be closed entirely, but organizations should not lengthen it by failing to patch known vulnerabilities. Make sure a review of your software update procedures is part of regular staff training on system security.

Also, consider a next-generation anti-virus product that combines threat intelligence with analysis of both system behaviour and code, so that it can identify zero-day threats that have no signature yet.

