Cyberoam Technologies Pvt. Ltd. - Logo Cyberoam Technologies Pvt. Ltd.
AHMEDABAD, India, November 25, 2014 /PRNewswire/ --
Q3 of 2014 Saw Apple Users Increasingly Becoming Phishing Targets and Corporate Breaches Among the Report Highlights
The third quarter of 2014 was dedicated to celebrity account hackings and corporate data breaches. By the end of the quarter, it was clear that no system is perfect with the announcement of the Shellshock bug affecting the BASH shell. Cybercriminals also used global tragedies, such as Ebola and airline disasters, to further enhance their phishing, spam, and malware distribution efforts. Cyberoam, in collaboration with its partner CYREN, brings you a detailed report with recent web malware and spam trends of the third quarter (Jul-Sep 2014).
The Apple iCloud celebrity data breach made news. But in the wake of the same, CYREN attempted looking a little deeper into the cybercrime targeted at the Apple device market. CYREN analytics observed an increase in Apple users being targeted. One prominent message the celebrity phishing-photo scandal left behind was that Apple users are an increasing target for scams and hacking. While the iOS and OSX operating systems still remain relatively safe, more and more individuals globally are buying Apple devices and using Apple services, which could account (in part) for the increased targeting of Apple users. There are currently more than 800 million Apple IDs in use. Over 300 million individuals hold iCloud accounts, giving them access to 5GB of online storage, as well as email, calendar, and photo stream. And, phishing attacks are at least three times more likely to be successful on a smartphone than on a desktop or laptop.
On top of increased phishing, CYREN noted that Apple initiated a new email alert campaign shortly after the celebrity attacks. It informed Apple iCloud users that their Apple ID was recently used to sign into an iCloud account. While the email is entirely legitimate, it provided scammers the opportunity to imitate an official large-scale email campaign. The report also discusses Apple iPhone6 adware scams.
The Bash-Shellshock SHELLSHOCK Bug
The report identifies the Bash-Shellshock bug as another story of importance in Q3. Shellshock exploded on the scene this quarter, making headlines in major newspapers and security blogs. Discovered by a French security expert in mid-September and disclosed publicly in late September, it has been deemed by many as the "world's most dangerous Internet security bug". CYREN detected Shellshock attacks using the "CGI-based web server attack" technique through a specially crafted HTTP cookie header request field. Attackers have also used other HTTP request header fields such as 'User-Agent', 'Accept', 'Referer' and 'Host' to inject the malicious Bash commands.
Tragedy drives the headlines
Apart from the Apple scams and Shellshock bug, Cybercriminals also used global tragedies, such as Ebola and airline disasters, to further enhance their phishing, spam, and malware distribution efforts. A simple click through the leading news websites tells a sad story: more ebola victims, expanding war in the Middle East, death, floods, famine. The list goes on. The use of "sensationalism" to promote a headline or sell an item is nothing new. In the third quarter, hackers put this technique to good use.
Other highlights from the Q3 2014 CYREN Internet Threats Trend Report included malware and spam trends, top spam topics, as well as a ranking of the top zombie producing countries.
Click here to download full report.
About Cyberoam Technologies Private Limited
Cyberoam Technologies, a Sophos Company, is a global network security appliances provider, offering future-ready security solutions to physical and virtual networks in organisations with its Next-Generation Firewalls (NGFWs) and Unified Threat Management (UTM) appliances. The virtual and hardware Cyberoam Central Console appliances offer Centralised Security Management options to organisations, while Cyberoam iView allows intelligent logging and reporting with one-of-their-kind, in-depth reports. Cyberoam is accredited with prestigious global standards and certifications like EAL4+, CheckMark UTM Level 5 Certification, ICSA Labs, IPv6 Gold logo, and is a member of the Virtual Private Network Consortium.
About CYREN
CYREN is a leading provider of cloud-based cybersecurity solutions that deliver powerful protection through global data intelligence. Regardless of the device or its location, CYREN's easily deployed web, email, and anti-malware products deliver uncompromising protection in both embedded and Security as a Service (SecaaS) deployments. Organisations rely on CYREN's cloud-based threat detection and proactive security analytics to provide up-to-date spam classifications, URL categorisation and malware detection services. The CYREN GlobalView Cloud Platform leverages Recurrent Pattern Detection? technologies to protect more than 550 million users in 190 countries. CYREN is traded on the NASDAQ Capital Market and the Tel Aviv Stock Exchange (TASE) under the trading symbol "CYRN." Visit the CYREN GlobalView Security Center.
Media Contact: Tasneem Sangani, tasneem.sangani@cyberoam.com, +91-9727705962, Manager PR, Cyberoam Technologies Pvt. Ltd. (a Sophos company)
SOURCE Cyberoam Technologies Pvt Ltd (Part of Elitecore)