
Malicious actors love to deliver threats in files. A persistent and persuasive message persuades an unsuspecting victim to accept and open a file from an unknown source, taking the first steps in a cyberattack.
This keeps happening whether the file is an EXE or a Microsoft Excel document. Too often, end users harbor illusions of security that are masked by the good-faith efforts and (ineffective) security controls of other users. This creates a viral effect where ransomware, malware, spyware, unwanted grayware and adware can easily spread from user to user and machine to machine. To prevent users from saying “I reject your reality and substitute mine!”, it’s time to break the myths about file-based attacks.
Test in 3! 2! 1! Register here. Together with Vinay Polurouthu, Principal Product Manager, and Amy Heng, Product Marketing Manager at Zscaler, we will:
- Debunk the 9 most common assumptions and myths about file-based threats
- Uncover the latest evasion trends and detect stealth delivery methods
- Prevent patient-zero infections and zero-day security events from unknown files
The Fundamental Problem in Stopping File-Based Threats
There is no digital communication without file sharing. Whether you open an exported Excel file in a Salesforce report or download new note-taking software, you use files to share information and perform important tasks.
As with other habitual behaviors such as driving, we become overly reliant on assumptions and heuristics about files and security controls that protect us from viruses and malware. With your guardrails down, you’re vulnerable to file-based attacks.
File-based attacks are attacks that use malicious code, scripts, or modified files containing active content to threaten users or devices. Attackers use social engineering techniques to convince users to open and run files to launch cyberattacks. In addition to preying on human behavior, attackers program files with evasion techniques such as obfuscating information and deleting files, making the threat difficult to detect with existing tools.
Stop zero-day and patient-zero infections by preventing file-based attacks
No one wants to be the first victim of a cyberattack. However, file-based attacks continue to thrive as businesses still rely on signature-based detection.
Researchers at Zscaler ThreatLabz have found infostealer malware hidden in pirated software. The attackers used a fake shareware site where visitors downloaded files disguised as cracked software. Instead of the intended software, the payload contained the RedLine or RecordBreaker malware. This malware collects saved browser passwords, autocomplete data, and cryptocurrency files and wallets. This attack is difficult to detect because the attacker generates a new password-protected zip file for each download transaction. Listing MD5 hashes on a blocklist has no effect.
Inline protection and intelligent, dynamic analytics are needed to stop zero-day attacks and patient-zero infections.
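Why an MD5 list misses per-download archives while structural checks still apply is shown in the added example below; it is not code from Zscaler or from the original post. The sample archives, the `RISKY_EXT` list and the `hold_for_analysis` policy are assumptions made for illustration, and the samples only carry the ZIP "encrypted" flag rather than real encrypted data.

```python
import hashlib
import io
import zipfile

# Assumed policy: extensions that warrant dynamic analysis when hidden behind a password.
RISKY_EXT = (".exe", ".scr", ".dll", ".msi", ".js", ".vbs", ".lnk")

def build_sample(payload, name, stamp, encrypted=True):
    """Constructed test archive: one stored entry, optionally flagged as encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr(zipfile.ZipInfo(name, date_time=stamp), payload)
    raw = bytearray(buf.getvalue())
    if encrypted:
        # Set general-purpose flag bit 0 in the local and central directory headers.
        raw[raw.find(b"PK\x03\x04") + 6] |= 0x01
        raw[raw.find(b"PK\x01\x02") + 8] |= 0x01
    return bytes(raw)

def triage(data, md5_blocklist):
    """Compare the hash-list verdict with checks on the archive's own structure."""
    digest = hashlib.md5(data).hexdigest()
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        # With standard ZIP encryption, entry names and flags stay readable
        # without the password; only the file data is protected.
        entries = zf.infolist()
    encrypted = [e.filename for e in entries if e.flag_bits & 0x1]
    risky = [n for n in encrypted if n.lower().endswith(RISKY_EXT)]
    return {"md5": digest, "hash_hit": digest in md5_blocklist,
            "encrypted_entries": encrypted, "hold_for_analysis": bool(risky)}

# Constructed inputs: identical payload, archives generated two seconds apart.
PAYLOAD = b"constructed stand-in bytes, not malware"
FIRST = build_sample(PAYLOAD, "setup.exe", (2023, 1, 1, 10, 0, 0))
SECOND = build_sample(PAYLOAD, "setup.exe", (2023, 1, 1, 10, 0, 2))
BLOCKLIST = {hashlib.md5(FIRST).hexdigest()}  # hash learned from the first download

if __name__ == "__main__":
    for label, blob in (("first", FIRST), ("second", SECOND)):
        print(label, triage(blob, BLOCKLIST))
```

The second archive differs from the first only in its timestamp, yet the hash list no longer matches it; the encrypted-entry check gives the same verdict for both.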
Webinar to understand the facts and fiction about file-based threats
Leave your assumptions about file-based threats behind. We’ve collected the 9 most common myths about files, including that endpoint security isn’t good enough to (or can’t) block macros in Microsoft documents.
Ready to bust some myths? Register for the webinar here.