Cloud-based security provider Barracuda Networks has unveiled a new platform designed to chronicle real-time threat levels based on email, network and web traffic. The vendor’s newly live Security Insight website aims to keep IT pros and consumers abreast of worldwide threat levels.
Barracuda is seeking to cement the principle that security awareness builds vigilance. As such, the Insight resource provides summaries and details of current threat campaigns the vendor tracks in real time, assesses the threat level and marks current attacks. Its platform swells the ranks of security providers supplying real-time threat information, notably Kaspersky, Fortinet, Check Point, FireEye, Arbor, Trend Micro, Akamai and others using global maps.
This platform tracks risks on email, network perimeter, web access and endpoints by analyzing large troves of global intelligence from several sources, Barracuda said. The vendor did not identify exactly where its data comes from. Here’s what the Insight website contains:
- Email: Includes email-borne attacks containing malicious links and attachments, malware, ransomware, and botnets.
- Network Perimeter: Includes zero-hour vulnerability exploits, brute force attacks, DDoS, spyware, and spam.
- Web Access: Includes web browsing attacks involving ransomware, malware, and vulnerability exploits in the wild.
- Endpoints: Includes malware, persistent spyware, botnets, ad and click fraud, IoT malware, and compromised dead apps.
“Organizations often become aware of vicious cyberattacks after the damage has already been done,” said Fleming Shi, Barracuda’s technology SVP. “By offering a free global advisory platform like Barracuda Security Insight, we can help heighten security awareness by proactively identifying the most current threats that should be on everyone’s radar. Those who use the platform can ultimately gain a better understanding of the threat landscape in real-time — an awareness that can lead to an overall improved security posture.”
Barracuda offered some recent threat trends its Insight tool has revealed:
- PDF files represent the highest volume of weaponized file types to be transmitted through observed attack surfaces due to their ability to be simply constructed and easily transmitted. PDFs scanned in the last three months showed nearly 41 million were part of an attack. PDFs often contain links to bad sites and active scripts.
- The most sophisticated attacks with the highest efficacy are carried over embedded scripts such as JavaScript and VisualBasic. Recent findings revealed that over 75 percent of these scripts are malicious. Scripts can be embedded in html, or other rich document formats such as rtf and Microsoft Office. A sample of 70 million Office documents scanned in the last three months found more than 4.7 million to be malicious or suspicious.
- Compressed files are an increasingly popular way for criminals to transmit disguised attacks and hide non-malware infections such as PowerShell scripts. An example of this took place in September of 2017 when Barracuda detected and blocked a massive ransomware campaign with over 27 million emails reaching customers in less than 24 hours.
Barracuda said it expected the trend line to continue with extensive use of weaponized file types to carry out massive attacks. In addition, the vendor said it believes stolen personally identifiable information (PII) on millions of consumers will be used for large scale phishing and targeted spear phishing attacks.
