Understanding exploit kits and dealing against them

Wana Tun, Regional Technical Evangelist, Sophos

Additionally, Angler mutates its attack components for each potential victim using a variety of encoding and encryption techniques that bypass naive content filters. It also uses tricks such as obfuscation and anti-sandboxing to hinder the security researchers who are tracking it.

How to safeguard against the Angler Exploit Kit?
Enterprises can adopt a multi-pronged approach with these recommended steps:

  1. Implement a comprehensive security solution with strong protection against exploitation of web applications and against vulnerabilities such as cross-site scripting and cookie tampering.
  2. Seek proven, multi-layered protection that offers the flexibility to choose the level of protection, making it possible to add specific layers such as wireless protection, web server protection, and endpoint protection as one's needs evolve.
  3. Choose an endpoint security solution with host intrusion prevention system (HIPS) technology built in, as it can stop malware by monitoring the behaviour of code. A layered HIPS can also detect over 85 per cent of unknown threats and is capable of intercepting threats that could not be detected before execution.
  4. Configure antivirus software to automatically scan all email and file attachments. It is critical to exercise extra caution when opening attachments and ensure that attachments are not set to open automatically.
  5. Look for a vendor with a global threat analysis operation that is constantly monitoring the web for the latest threats to provide users with instant updates on emerging threats. It is vital to seek a solution that not only provides effective protection, but is also simple to deploy and manage.

In a nutshell, one can be protected against crimeware attacks by installing a comprehensive security solution and downloading and applying security patches for vulnerabilities in the applications that have been installed.

It is also definitely recommended to stay informed and updated about news related to crimeware and its methods. Most importantly, always act with caution and be vigilant about attachments and unsolicited messages.
