ThreatScope again identifies malware that, per the screenshot
below, only 1 of 57 AV engines was actively protecting against as of
7:40 am CST this morning. As such, organizations that do not leverage a
sandbox capability would likely have been compromised. Neither McAfee nor Symantec nor
any AV engine other than ESET would have helped. What percentage of your
security spend goes towards these legacy solutions? Additionally, per this
link, you will very clearly see that the malware (disguised as a Word file)
attempts to connect out to a Russian botnet that Websense is actively protecting
against. An additional outbound call is made to another US site hosting
malware, which is also protected against via Websense ACE Technology. In summary,
this attack leveraged all 7 steps of the Kill Chain and Websense protected
against all: