Mac-based malware has appeared on the list of top ten most common types of malware for the first time in WatchGuard's quarterly Internet Security Report. The Mac scareware appeared in sixth place in WatchGuard's latest Q3 2018 report and is primarily delivered by email to trick victims into installing fake cleaning software.
The new report also found that 6.8 percent of the world's top 100,000 websites still accept old, insecure versions of the SSL encryption protocol, while more malware hits were seen in Asia Pacific than in any other geographical region, reflecting a significant increase in attacks targeted at this area throughout 2018. The report is based on data from tens of thousands of active WatchGuard Firebox UTM appliances around the world and covers the major malware campaigns, network attacks and security threats targeting midmarket businesses and distributed enterprises.
"Outside of a few surprising finds, like Mac scareware in our top ten malware list, we saw attackers stick to what they know in Q3 by reusing and modifying old attacks like cross-site scripting, Mimikatz and cryptominers. It's a good reminder that the vast majority of attacks aren't ultra-advanced zero-days and can be prevented by using a layered security approach with advanced malware detection capabilities and investing in secure Wi-Fi and MFA solutions," said Corey Nachreiner, CTO at WatchGuard Technologies. "However, we are quite concerned at how many major websites are still using the insecure SSL protocol. This is a basic security best practice that should be implemented across 99.9 percent of the internet by now--it puts hundreds of thousands of users at risk."
The insights, research and security best practices included in WatchGuard's quarterly Internet Security Report help organisations of all sizes understand the current cyber security landscape and better protect themselves, their partners and customers from emerging security threats. The top takeaways from the Q3 2018 report include:
* 6.8 percent of the top 100,000 websites still support old, insecure versions of the SSL protocol. Despite it being deprecated by the Internet Engineering Task Force (SSL 2.0 was deprecated in 201 I and SSL 3.0 in 2015), 5,383 websites in the top 100,000 via Alexa...