Tuesday, September 26, 2017

McAfee Labs Threats Report Explores WannaCry




  • Earlier this year, the WannaCry malware infected more than 300,000 computers in over 150 countries in less than 24 hours. Several weeks later, the malware Petya exploited the same operating system flaw, along with multiple other techniques, to spread to other computers on the same network. These attacks exposed, among other lessons, the continued use of old and unsupported operating systems in critical areas, and they laid bare the lax patch-update processes followed by some businesses. We explore the timeline and background of the WannaCry attack and Petya, its apparent follow-up; the vulnerabilities they exploited; a technical analysis of their infiltration and propagation methods; and our thoughts on the motives for these attacks and what they might lead to.
  • Threat hunting is a growing and evolving capability in cyber security, one with a broad definition and wide range of goals, but it is generally seen as a proactive approach to finding attacks and compromised machines without waiting for alerts. Threat hunting enables security operations to study the behaviors of attackers and build more visibility into attack chains. This results in a more proactive stance for the security operations center, shifting the focus to earlier detection, faster reaction times, and enhanced risk mitigation. In May, McAfee surveyed more than 700 IT and security professionals around the world to better understand how threat hunting is used in organizations today and how they plan to enhance their threat hunting capabilities in the future. We offer detailed advice and recommendations for using certain types of indicators of compromise when hunting for threats.
  • Cyber attackers often use scripting techniques in their assaults. Some attacks employ script-based malware at every stage, while others use it for a specific purpose. Script-based malware, written in the JavaScript, VBS, PHP, or PowerShell scripting languages, has been on the upswing during the last two years for a very simple reason: evasion. Scripts are easy to obfuscate and thus are difficult for security techniques to detect.


