The Threat Intelligence Spotlight: Hunting Evasive Malware report draws on data gathered from the 650-plus organizations that eSentire protects and VMware Carbon Black's extensive endpoint protection install base.
A global pandemic, distributed workforces and rapid migration to more cloud services have altered threat surfaces, placing emphasis on endpoint and cloud security.
The result is that an organization's network footprint is now dispersed globally across interacting systems and technologies.
Key insights of the report include:
- Endpoint protection is more important today than ever before: the global pandemic has dramatically altered the security perimeter by forcing work-from-home models and accelerating the adoption of cloud services, weakening organizations' security postures
- Many malware campaigns employ User Exploitation and LOLBins (living-off-the-land binaries) to bypass automated defenses
- In the first half of 2020, Zloader, Valak, SocGholish and More_eggs were observed successfully employing User Exploitation and LOLBin abuse to gain initial access