October 3, 2024
|
Infostealers series
Managing the infostealer risk is challenging not only because of the versatility and stealthy nature of this malware but also due to where the risk primarily occurs: on unmanaged devices that have access to internal environments, such as employees’ personal laptops or suppliers’ computers.
This issue has two main causes. First, technical measures on these devices are lacking. Consumer antivirus solutions are often ineffective against the advanced tactics of infostealers. Second, user behavior plays a major role in causing infostealer infections.
Let’s first examine the technical measures. Corporate antivirus solutions are generally better equipped to detect infostealers. This is because these systems monitor software behavior more broadly and scan for malicious activity continuously. Consumer antivirus programs, on the other hand, often rely on recognizing known code structures of malicious software. Infostealer creators exploit this by constantly releasing new versions of the malware, leaving consumer solutions struggling to keep up.
The issue of user behavior is even harder to solve. Most infections start with unsafe downloading practices, such as installing unverified software or opening suspicious email attachments. This is especially common on personal devices, where users tend to be less cautious. Many employees are unaware of the risks their online behavior at home poses to their employer.
Completely excluding access from unmanaged devices is a challenge for modern organizations. In today’s hybrid work environments, many employees work remotely and rely on personal devices to access company information. This creates a complex security landscape, as IT teams struggle to effectively monitor and control these unmanaged devices.
This disconnect leaves organizations responsible for security but without control over the devices accessing sensitive data. As a result, the infostealer risk—already dangerous due to its advanced and stealthy nature—becomes even harder to manage. Fortunately, there are steps that can be taken to mitigate this risk.