Malware Targeting Smart TVs

Malware, which targets smart TVs running an open-source Android OS, jumped into the top 10 of most widely detected malware list, highlighting the potential risk of vulnerabilities in IoT devices for enterprise security. This is a observed by WatchGuard Threat Lab researchers during this year’s first quarter.  

WatchGuard Technologies produce a quarterly analysis detailing the top malware, network, and endpoint security threats.

Their latest report finds that The report also shows that the Pandoraspear malware, which targets smart TVs running an open-source Android OS, has jumped into the top 10 most widely detected malware list, highlighting the potential risk of vulnerabilities in IoT devices for enterprise security.

While overall network detections of malware during the quarter fell by nearly half compared to the previous quarter, detections of malware targeting endpoints increased by 82%. There was a 23% decrease in ransomware detections compared to Q4 2023, with zero-day malware detections falling by 36%. 

“The findings from the Q1 2024 Internet Security Report demonstrate the importance for organisations of all sizes to secure internet-connected devices regardless of whether they are used for business or entertainment purposes,” said Corey Nachreiner, chief security officer at WatchGuard. “As we have seen in many recent breaches, attackers can gain a foothold in an enterprise network through any connected device and move laterally to do tremendous damage to critical resources and exfiltrate data... It is now imperative for organisations to adopt a unified security approach, which can be governed by managed service providers, that includes broad monitoring of all devices and endpoints.” he said.

Additional key findings from WatchGuard’s Q1 2024 Internet Security Report include:   

  • The average volume of malware detections per WatchGuard Firebox plummeted by nearly half (49%) during the first quarter, while the amount of malware delivered over an encrypted connection swelled by 14 points in Q1 to 69%. 
  • A new variant of the Mirai malware family that targeted TP-Link Archer devices by using a newer exploit (CVE-2023-1389) to access compromised systems emerged as one of the most widespread malware campaigns of the quarter. The Mirai variant reached nearly 9% of all WatchGuard Fireboxes around the globe. 
  • This quarter, Chromium-based browsers were found to be responsible for producing more than three-quarters (78%) of the total volume of malware originating from attacks against web browsers or plugins, a significant rise compared to the previous quarter (25%). 
  • A vulnerability in the widely used HAProxy Linux-based load balancer application, which was first identified in 2023, was among the top network attacks of the quarter. The vulnerability shows how weaknesses in popular software can lead to a widespread security problem.

The data analysed in their quarterly report is based on anonymised, aggregated threat intelligence from active WatchGuard network and endpoint products whose owners have opted to share in direct support of WatchGuard’s research efforts. To download the Q1 2024 Internet Security Report click Here

Image: Jonathan Sautter

You Might Also Read: 

Protecting Your Home Devices Against Attack:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Music Rights Owners Want Payment From AI Platforms
The Crucial Role Of AI Red Teaming In Safeguarding Systems & Data »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

National Centre of Incident Readiness & Strategy for Cybersecurity (NISC) - Japan

National Centre of Incident Readiness & Strategy for Cybersecurity (NISC) - Japan

NISC was established as a secretariat of the Cybersecurity Strategy Headquarters in collaboration with the public and private sectors to create a "free, fair and secure cyberspace" in Japan.

Cyber Fusion Center - Maryville University

Cyber Fusion Center - Maryville University

Maryville University Cyber Fusion Center is a virtual lab for working on real-world cyber security challenges.

Exonar

Exonar

We enable organisations to better organise their information, removing risk and making it more productive and secure.

Careers in Cyber Security (CiCS)

Careers in Cyber Security (CiCS)

CareersinCyberSecurity is a leading global job board and career resource for Cyber Security, IT Audit, Technology Risk and Data Protection professionals.

Lynx

Lynx

Lynx provides high added value services in the area of information systems security and ICT infrastructure building.

Lifespan Technology

Lifespan Technology

Lifespan Technology provides the full range of IT Asset Disposition services. This includes hardware recycling and disposal, data destruction, and hardware resale.

Terra Quantum

Terra Quantum

Terra Quantum is a deep tech pioneer, developing revolutionary quantum applications to shape the technology of the future.

SK Shieldus

SK Shieldus

SK shieldus are a converged security provider with business capabilities in both cybersecurity and physical security based on Big-Tech.

The Security Bulldog

The Security Bulldog

The Security Bulldog distills and assimilates open source cyber intelligence to enable security teams to understand threats more quickly, make better decisions, and accelerate detection and response.

AnzenSage

AnzenSage

AnzenSage is a cybersecurity advisory consultancy specializing in security risk resilience for the food sector: agriculture, food manufacturing, food supply chain, vineyards, and wineries.

ELLIO Technology

ELLIO Technology

ELLIO Technology is a cybersecurity company that reduces alert overload, improves incident response, and helps security teams target serious attackers who pose a real threat.

Incyber

Incyber

Incyber is a fully integrated network and cybersecurity solutions provider contracted to safeguard public and private enterprise, high value data and sensitive industries.

SektorCERT

SektorCERT

SektorCERT is the cybersecurity center for the critical infrastructure sectors in Denmark. We help detect and handle when critical infrastructure is exposed to cyber attacks.

MiDO Technologies

MiDO Technologies

MiDO Technologies has a mission to change the narrative around digital enabling tools on the continent of Africa and prepare African youth.

True North Solutions

True North Solutions

True North Solutions provides a wide range of fully customized, vendor-neutral industrial engineering and OT automation solutions to companies across North America and around the world.

Iron EagleX

Iron EagleX

Iron EagleX deliver engineering solutions in cloud computing, big data, cyber, and machine learning technologies to US Government customers.