Barracuda Security Insight Platform Reveals Highly Weaponized File Types

Barracuda Networks announced the availability of Barracuda Security Insight. The new advisory platform offers detailed real-time threat intelligence and security risk information to help consumers and IT professionals remain aware of current global threat levels.

By analyzing data collected from Barracuda endpoints all over the globe, Barracuda Security Insight helps determine the current cybersecurity threat level based on email, network, and web traffic flows. It provides summaries and detailed views of current threat campaigns that Barracuda tracks in real-time.

Some of the recent threat trends revealed by Barracuda Security Insight include:

·         PDF files represent the highest volume of weaponized file types to be transmitted through observed attack surfaces due to their ability to be simply constructed and easily transmitted. PDFs scanned in the last three months showed nearly 41 million were part of an attack. PDFs often contain links to bad sites and active scripts.

·         The most sophisticated attacks with the highest efficacy are carried over embedded scripts such as JavaScript (JS) and VisualBasic (VB). Recent findings revealed that over 75 percent of these scripts are malicious. Scripts can be embedded in html, or other rich document formats such as rtf and Office. A sample of 70 million Office documents scanned in the last three months found more than 4.7 million to be malicious or suspicious.

·         Compressed files are an increasingly popular way for criminals to transmit disguised attacks and hide non-malware infections such as PowerShell (PS) scripts. An example of this took place in September of 2017 when Barracuda detected and blocked a massive ransomware campaign with over 27 million emails reaching customers in less than 24 hours. 

These threat trends gathered by Barracuda Security Insight are expected to continue with extensive use of weaponized file types to carry out massive attacks. In addition, the Equifax breach and other cybersecurity events have resulted in the significant loss of personally identifiable information (PII) for millions of consumers. Barracuda expects to see an increased use of this information for both mass phishing and targeted spear phishing attacks.

“Organizations often become aware of vicious cyberattacks after the damage has already been done,” said Fleming Shi, SVP of Technology at Barracuda. “By offering a free global advisory platform like Barracuda Security Insight, we can help heighten security awareness by proactively identifying the most current threats that should be on everyone’s radar. Those who use the platform can ultimately gain a better understanding of the threat landscape in real-time — an awareness that can lead to an overall improved security posture.”

How Barracuda Security Insight Works

Barracuda analyzes large volumes of global threat intelligence from several sources and presents this through Barracuda Security Insight in the form of easy to read threat trends, detailed information on attack campaigns and an aggregated threat score.

Barracuda Security Insight includes real-time activity seen from the following traffic:

Email: Includes email-borne attacks containing malicious links and attachments, malware, ransomware, and botnets.

Network Perimeter: Includes zero-hour vulnerability exploits, brute force attacks, DDoS, spyware, and spam.

Web Access: Includes web browsing attacks involving ransomware, malware, and vulnerability exploits in the wild.

Endpoints: Includes malware, persistent spyware, botnets, ad and click fraud, IoT malware, and compromised dead apps.

Barracuda Security Insight is currently offered at no cost. It is available via the Barracuda website and also provides an open API integration into applications from common web portals and dashboards, and digital assistants such as Alexa.

Comments