Malware Targeting Smart TVs

Malware, which targets smart TVs running an open-source Android OS, jumped into the top 10 of most widely detected malware list, highlighting the potential risk of vulnerabilities in IoT devices for enterprise security. This is a observed by WatchGuard Threat Lab researchers during this year’s first quarter.  

WatchGuard Technologies produce a quarterly analysis detailing the top malware, network, and endpoint security threats.

Their latest report finds that The report also shows that the Pandoraspear malware, which targets smart TVs running an open-source Android OS, has jumped into the top 10 most widely detected malware list, highlighting the potential risk of vulnerabilities in IoT devices for enterprise security.

While overall network detections of malware during the quarter fell by nearly half compared to the previous quarter, detections of malware targeting endpoints increased by 82%. There was a 23% decrease in ransomware detections compared to Q4 2023, with zero-day malware detections falling by 36%. 

“The findings from the Q1 2024 Internet Security Report demonstrate the importance for organisations of all sizes to secure internet-connected devices regardless of whether they are used for business or entertainment purposes,” said Corey Nachreiner, chief security officer at WatchGuard. “As we have seen in many recent breaches, attackers can gain a foothold in an enterprise network through any connected device and move laterally to do tremendous damage to critical resources and exfiltrate data... It is now imperative for organisations to adopt a unified security approach, which can be governed by managed service providers, that includes broad monitoring of all devices and endpoints.” he said.

Additional key findings from WatchGuard’s Q1 2024 Internet Security Report include:   

  • The average volume of malware detections per WatchGuard Firebox plummeted by nearly half (49%) during the first quarter, while the amount of malware delivered over an encrypted connection swelled by 14 points in Q1 to 69%. 
  • A new variant of the Mirai malware family that targeted TP-Link Archer devices by using a newer exploit (CVE-2023-1389) to access compromised systems emerged as one of the most widespread malware campaigns of the quarter. The Mirai variant reached nearly 9% of all WatchGuard Fireboxes around the globe. 
  • This quarter, Chromium-based browsers were found to be responsible for producing more than three-quarters (78%) of the total volume of malware originating from attacks against web browsers or plugins, a significant rise compared to the previous quarter (25%). 
  • A vulnerability in the widely used HAProxy Linux-based load balancer application, which was first identified in 2023, was among the top network attacks of the quarter. The vulnerability shows how weaknesses in popular software can lead to a widespread security problem.

The data analysed in their quarterly report is based on anonymised, aggregated threat intelligence from active WatchGuard network and endpoint products whose owners have opted to share in direct support of WatchGuard’s research efforts. To download the Q1 2024 Internet Security Report click Here

Image: Jonathan Sautter

You Might Also Read: 

Protecting Your Home Devices Against Attack:

___________________________________________________________________________________________

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Music Rights Owners Want Payment From AI Platforms
The Crucial Role Of AI Red Teaming In Safeguarding Systems & Data »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

International Security Management Association (ISMA)

International Security Management Association (ISMA)

ISMA is an international security association of senior security executives from major business organizations located worldwide.

Silicom Denmark

Silicom Denmark

Silicom Denmark is a premier developer and supplier of FPGA-based interface cards for cyber-security, telecommss, financial trading and other sectors.

AppTec

AppTec

AppTec is a leading software vendor in the field of Unified Endpoint Management and Mobile Security.

Open Cloud Factory

Open Cloud Factory

Open Cloud Factory is a European based security company, that strives to ease the pressure on IT managers, by providing tools to implement your Security Strategy in an effective and easy manner.

VaultOne

VaultOne

VaultOne is a next-generation security solution that addresses security issues from different domains (Password Manager, Secure Access, PAM, Identity Management) as a single, integrated solution.

Gradcracker

Gradcracker

Gradcracker is THE careers website for Science, Technology (including Cybersecurity), Engineering and Maths university students in the UK.

Zymbit

Zymbit

Zymbit provides hardware security modules (HSM) for IoT devices, including Raspberry Pi and other single board computers.

Crown Sterling

Crown Sterling

Crown Sterling delivers next generation software-based, AI-driven cryptography in the form of random number generators and encryption products.

Island

Island

Island puts the enterprise in complete control of the browser, delivering a level of governance, visibility, and productivity that simply weren’t possible before.

Axiata Digital Labs

Axiata Digital Labs

Axiata Digital Labs is the technology hub of Axiata Group Berhad Malaysia which is one of the leading groups in telecommunication in Asia.

ZINAD IT

ZINAD IT

ZINAD is an information security company offering state-of-the-art cybersecurity awareness products, solutions and services.

Interactive

Interactive

Interactive are a leading Australian IT service provider with services in Cloud, Cyber Security, Data Centres, Business Continuity, Hardware Maintenance, Digital Workplace, and Networks.

HTL Support

HTL Support

HTL Support, your trusted partner for comprehensive IT support in London. We specialize in delivering top-tier IT solutions tailored to both large enterprises and small businesses.

WillJam Ventures

WillJam Ventures

WillJam Ventures are a private equity firm focused on investing in world-class cybersecurity companies that will become the next generation of leaders in protecting the world’s digital assets.

XBOW

XBOW

XBOW brings AI to offensive security, augmenting the work of bug hunters and security researchers.

Infratech

Infratech

Infratech is a leading Saudi company providing cutting-edge services and solutions in IT Infrastructure, IT Security and Digital Transformation.