WatchGuard, an internet security firm, has released a report from the last quarter of 2016 with some interesting facts:

  • Roughly 30% of malware analyzed was classed ‘zero day’, which means that legacy antivirus databases are not able to repeal it. In other words, criminals have severely outpaced security firms. Whether it is your desktop computer or your server, relying purely on reactive anti-malware solutions might not be enough.
  • PHP shells continue to be an important tool in cyber-attackers’ toolbox, as they’re adding new obfuscation methods to keep them effective.
  • Javascript is on the rise as a delivery channel for malware and as an obfuscation mechanism. Pay special attention to Javascript vulnerabilities in your sites and your customers’ sites