OPSWAT report shows traditional detection methods are now being outpaced
OPSWAT, has established itself as a global leader in critical infrastructure protection, and its report revealed key insights from over 890,000 sandbox scans in the last 12 months.
This report offers a unique lens into the evolving nature of cyberthreats – and a staggering 1 in 14 files—initially deemed 'safe' by legacy systems—were proven to be malicious.
This report is a call to action for industries relying on outdated defenses and the importance of multi-layered solutions.
Key Findings:
127% Increase in Malware Complexity
Behavioral telemetry revealed a 127% rise in multi-stage malware complexity over the past year. OPSWAT's sandbox uncovered layered threats designed to evade analysis, including obfuscated loaders such as NetReactor and evasive behaviors missed by traditional tools.
These results show that modern malware intends to confuse, not flood, which is why OPSWAT's pipeline is purpose-built to unpack that complexity.
Proactive Threat Detection
OPSWAT analysis reclassified 7.3% of files that were silent across open-source intelligence (OSINT) feeds as malicious, on average 24 hours earlier than public data sources. These were confirmed executions, not speculative flags, highlighting how adaptive analysis can close dangerous gaps left by static and reputation-based systems.
Campaign-Level Threat Correlation
With 890,000+ sandbox scans, OPSWAT connects the dots across threats. It identifies shared TTPs, reused C2 infrastructure, and behavioral patterns across campaigns. This provides defenders with context-rich, actionable intelligence instead of noisy indicators.
99.97% Detection Accuracy
OPSWAT's behavioral and machine learning pipeline delivers results. Aided by a newly enhanced PE emulator, the platform identified sophisticated threats such as:
Clipboard hijacking via ClickFix
Steganography-wrapped loaders
C2 channels embedded in Google services
.NET Bitmap malware loaders delivering Snake Keylogger payloads
'Our strength lies in precision, behavioral depth, and early visibility into emerging attacks,' said Jan Miller, Chief Technology Officer of Threat Analysis at OPSWAT. 'That's what sets OPSWAT apart in delivering high-fidelity, context-aware threat intelligence.'
Why It Matters
As critical infrastructure, government systems, and enterprise networks face growing targeting from increasingly modular and evasive malware, the findings of this report spotlight the evolving adversary playbook and the need for integrated, multilayered solutions.
Cybersecurity leaders must now prioritize adaptability, shared intelligence, reassessing technology, and fast behavioral detection pipelines to protect systems from known threats, but also to keep pace with a rapidly evolving threat landscape and whatever is on the horizon.
Filescan.io, part of the OPSWAT MetaDefender Platform, powers advanced threat detection and file analysis across critical environments. Download the full report and learn more about OPSWAT's integrated pipeline at Filescan.io.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Crypto Insight
11 hours ago
- Crypto Insight
VC Roundup: Bitcoin DeFi surges, but tokenization and stablecoins gain steam
The crypto venture capital landscape has made a decisive pivot back to Bitcoin, driven largely by its growing success as an institutional asset. As Cointelegraph reported, the emerging Bitcoin DeFi sector attracted $175 million across 32 VC deals in the first half of the year. At the same time, Bitcoin treasury companies are injecting billions into the market by acquiring BTC for long-term strategic reserves. Beyond Bitcoin, several recurring VC themes remained prominent in July. Investors continued to back startups in tokenization, stablecoin infrastructure and settlement technology. This edition of VC Roundup looks beyond Bitcoin to explore the broader trends shaping crypto venture capital in July. Inveniam partners with Mantra to drive institutional RWA adoption in the UAE and US Decentralized data infrastructure provider Inveniam Capital has invested $20 million in layer-1 blockchain Mantra to bring institutional-grade real-world assets (RWAs) to the blockchain, complete with asset reporting and surveillance. The companies say the partnership could significantly boost total value locked (TVL) on Mantra Chain and promote compliant tokenization at a time when RWA adoption is expanding rapidly. As part of the deal, Inveniam will integrate data sovereignty and asset surveillance capabilities into the Mantra blockchain, enabling more advanced DeFi applications and regulatory-grade transparency. The partnership aims to expand institutional access to RWA ecosystems in both the United States and the United Arab Emirates. Inveniam cited industry research projecting the RWA market could reach a $18.9 trillion valuation within a decade, according to Boston Consulting Group. Other estimates suggest the opportunity could be as high as $30 trillion as more traditional financial institutions enter the space. Tether-focused Stable blockchain raises $28 million to drive USDt adoption Stable, a layer-1 blockchain network built around Tether's USDt, has raised $28 million in a seed funding round to expand its infrastructure and accelerate global USDt adoption. The raise comes amid growing regulatory clarity for dollar-backed stablecoins. The round attracted backing from a range of prominent investors, including Bitfinex, Hack VC, Franklin Templeton, Castle Island Ventures, Susquehanna Crypto, KuCoin Ventures and several angel investors. Billed as a 'stablechain,' Stable is designed to prioritize payment simplicity and instant transactions. The project cited the recent passage of the US GENIUS Act as a key regulatory milestone supporting stablecoin growth, particularly in payments infrastructure. Spiko raises $22 million to expand access to tokenized assets French fintech Spiko, known for offering tokenized US and EU T-Bill Money Market Funds to European investors, has raised $22 million in a Series A funding round led by Index Ventures, with participation from White Star Capital, Blockwall and others. The fresh capital will support Spiko's mission to broaden access to tokenized money markets and help close the gap between Europe and the US in digital asset adoption. To date, Spiko has processed over $900 million in working capital, with assets under management expected to surpass $1 billion by year-end. Stablecoin banking startup closes $12.5 million Series A Dakota, a business banking platform built on stablecoin infrastructure, has raised $12.5 million in a Series A round led by CoinFund, with additional backing from 6th Man Ventures and Triton Ventures. Founded by former Coinbase Custody CEO Ryan Bozarth, Dakota aims to deliver global banking services powered by digital dollars, promising faster payments and more efficient cross-border transactions. The platform has already onboarded over 500 businesses leveraging stablecoin technology behind the scenes. The raise comes as global stablecoin market capitalization hits $268 billion, with expectations for accelerated growth driven by the recently passed GENIUS bill. Breyer Capital leads $5 million Jarsy raise Digital investment platform Jarsy has raised $5 million in a pre-seed funding round led by Breyer Capital, with participation from Mysten Labs, Eigenlayer, MoonPay, Anchorage Digital and other venture capital backers. Jarsy offers retail investors access to pre-IPO private equity markets through tokenized shares, with a low minimum investment starting at just $10. These tokenized equity opportunities are fully backed by real shares held in custody. Users can fund their investments using stablecoins such as USDC. The funding will be used to scale Jarsy's product offering, focusing on enhancing global compliance and expanding its curated selection of private equity opportunities. BridgePort secures $3.2 million in funding to expand settlement network Off-exchange settlement layer BridgePort has raised $3.2 million in seed funding led by Further Ventures, with participation from Virtu, XBTO, Blockchain Founders, Humla Ventures and Fun Fair Ventures. BridgePort provides middleware that connects crypto exchanges, trading firms, and custodians to improve capital allocation and settlement efficiency. The platform is now live on Amazon Web Services and is actively onboarding exchanges and custodians to expand its settlement network. Source:
Tahawul Tech
a day ago
- Tahawul Tech
'Enterprises are rethinking how they manage IT – not just for performance, but for purpose.' – John Stamer, Lenovo
Lenovo have introduced TruScale Device as a Service (DaaS) for Sustainability, a modular solution that helps enterprises advance sustainability goals while modernizing IT. The solution gives organizations new tools to reduce their carbon footprint, extend device life, and accelerate the shift to a circular economy — all backed by over 15 years of Lenovo asset recovery experience and more than 1 million devices responsibly retired1. In some deployments, TruScale DaaS has delivered up to 35% reductions in device-related IT costs2, without the burden of upfront capital or complex procurement cycles. Recent industry research shows that 62% of organizations invest in sustainability because of the associated cost savings3, highlighting the dual financial and environmental value of Lenovo TruScale DaaS for Sustainability. As the latest addition to Lenovo's proven TruScale DaaS platform, already trusted to manage millions of devices worldwide, this sustainability-focused model unifies devices, services, and financing under one scalable, subscription-based solution. From day one, each device supports a more circular, cost-effective, and sustainable IT strategy and delivers measurable ROI in weeks, not months. 'Enterprises are rethinking how they manage IT – not just for performance, but for purpose,' said John Stamer, Vice President and General Manager, Global Product Services at Lenovo. 'TruScale DaaS for Sustainability reflects our vision for the future of IT: circular by default, intelligent by design, and accountable by outcome. It's a smarter, more resilient way to deliver value across the enterprise.' Powering Sustainability Through Circular IT Modular options at every stage of the device lifecycle help reduce emissions, recover value, and shrink e-waste, including: • Carbon Impact Portal – real-time device-level insights to support ESG reporting. • Certified Refurbished Devices – lower refresh costs and reduce carbon footprint. • CO₂ Offset Services – built-in lifecycle emissions compensation with verified climate action. • Asset Recovery Services – protected decommissioning and residual value recovery According to McKinsey, up to 60% of end-user device emissions can be reduced through strategies such as sourcing fewer devices per user and extending device lifespans.4 Lenovo TruScale DaaS for Sustainability supports this kind of impact by offering modular options to extend device life, refurbish hardware, and offset emissions across the lifecycle. Proven Benefits • Cost Impact: o 57% of DaaS adopters report a lower cost-per-seat. 5 o Lenovo customers see a 20% TCO reduction. 2 o IT maintenance savings range from 10 to 40%. ⁶ • Device energy efficiency: o 100% of Lenovo commercial laptops and desktops, and 98% of monitors, are ENERGY STAR® certified. 7 Customer Outcomes: Real-World Results Coventry University Group replaced its aging IT estate with Lenovo TruScale DaaS and offset 223 tons of CO₂ using the Lenovo CO2 Offset Services included as part of their TruScale DaaS solution. The shift saved 40 hours per week in IT labor and improved device delivery and service support across global faculty networks. 'Lenovo TruScale gives us the scalability and flexibility we need to manage our technology estate efficiently and meet our carbon reduction goals,' said Ian Dunn, Provost, Coventry University Group. 'It's taken pressure off our internal teams, allowing us to focus more on delivering outstanding student experiences.' Read the full story – Case study – A Smarter Path to Sustainable IT Lenovo TruScale DaaS for Sustainability delivers outcome-driven value across five key stages of the device lifecycle: Advise, Implement, Support, Manage, and Retire & Refresh. This structured approach ensures IT leaders can address both operational efficiency and environmental responsibility at every touchpoint. AI-driven tools like Lenovo Intelligent Sustainability Solutions Advisor (LISSA) and Care of One™ help guide sustainable refresh strategies and enhance employee experiences. 'Sustainable IT should drive value, not complexity,' said Rakshit Ghura, Vice President and General Manager, Digital Workplace Solutions at Lenovo. 'CIOs are increasingly tasked with delivering business performance and sustainability progress in parallel. Lenovo TruScale DaaS for Sustainability meets this demand with data-driven, circular IT that helps simplify decision-making and unlock ROI from day one.' Learn more about Lenovo TruScale DaaS for Sustainability and how to design your sustainability stack.
Crypto Insight
a day ago
- Crypto Insight
Data sharing is the next crypto compliance frontier
Opinion by: Mike Haley, CEO of Cifas While the crypto industry is revolutionizing the world of finance, there's an underlying reality bubbling beneath the surface. Hitting record levels, cryptocurrency scams reportedly accounted for $9.9 billion in 2024 — with 2025's forecast making for even bleaker reading. Whether in the form of 'old wine in new bottles' frauds — such as Ponzi and pump-and-dump schemes or new crypto-specific fraud typologies like address poisoning — the global fraud epidemic is hitting the industry hard and undermining consumer confidence. Criminals are increasingly abusing the sector to launder the fraud proceeds generated in the traditional finance (TradFi) sector. This creates compliance challenges for firms keeping pace with evolving Anti-Money Laundering (AML) rules. After all, nearly 90% of crypto registration applications in the UK fail because of weak AML and fraud controls. Crypto sector abuse This abuse of the crypto sector is not going unnoticed by an industry working hard to clean up its image in the eyes of global regulators, many of whom are starting to look to regulate the sector beyond the AML perimeter. Efforts by individual firms — like industry scam flagging tools and disruption operations — laudable though they may be, will have limited effect in isolation. The industry needs a much bolder approach to anti-financial crime data sharing. Cross-sector public-private data sharing to tackle fraud is fast becoming the norm in the TradFi sector. Whether via mandatory anti-scam data sharing between financial services and telcos in Singapore or industry-led voluntary schemes in Australia and the UK, data sharing is accepted globally as one of the key defenses against global fraud. We can only put a dent in this global crime wave by joining the dots along the fraud value chain. As fraud adapts to the new financial landscape internationally, what is missing in this chain is the digital assets community. Bringing the community into existing data-sharing efforts will not only help to build a strong ecosystem but will also benefit the industry itself. Theory to action There are three things the industry should do. First, the current limited use of crypto as a mainstream payment medium means even the most committed crypto criminal cannot exist in isolation. The on-ramping and off-ramping between crypto and fiat currencies are key intervention points in the fight against crypto-linked fraud. With neither side seeing the whole picture, failing to share data impedes efforts. Second, using crypto in the fraud laundering chain creates an AML challenge. With regulators cracking down on exchanges and new rules starting to bite, the industry needs to build defenses against fraud proceeds laundering. It cannot do this without the essential data flows needed to spot and block individuals from entering their ecosystem, data which it must source from further up the value chain. Third, while the will to tackle fraud within the digital assets community is growing, compliance as a profession within the sector is a nascent discipline. The industry would benefit from hard data and the experience of established fraud prevention specialists across other sectors, for whom the types of emerging frauds are 'business as usual.' While the arguments in favor of cross-industry data sharing to prevent crypto-linked fraud are clear, what needs to happen to implement the theory? Accelerating collaboration The UK offers a potentially hospitable policy environment for the industry's first forays into cross-sector data sharing. From a legal perspective, the UK privacy regulator, the Information Commissioner's Office, recently stated unequivocally that 'data protection is not an excuse when tackling fraud and scams.' This is particularly relevant to recent crimes, one of which saw scammers steal $1.2 million by posing as law enforcement and crypto wallet hosts to trick victims into revealing personal information. Coupled with recent legislative changes to the data privacy regime in the form of the Data (Use and Access) Act 2025 — which establishes crime prevention as a 'recognized legitimate interest' — the legal argument for sharing could not be clearer. Next, the regulatory horizon for digital asset regulation in the UK provides carrots and sticks for fraud prevention and data sharing. The UK Chancellor's announcement on future regulation strongly suggests the digital assets industry will be bound by the same consumer protection rules as the TradFi sector. It is difficult to imagine UK consumer protection against fraud without a cross-industry data-sharing element. The carrot is also there with the Financial Conduct Authority — and the stated future digital asset regulator — stating data sharing is a key tool in the fight against fraud proceeds laundering. Finally, the UK has a rich and established financial crime data-sharing ecosystem, with robust public-private, intra-industry and cross-sector collaboration, including through the Joint Money Laundering Intelligence Taskforce. Opening these initiatives to the digital assets industry has already started, and with some government and regulatory backing, it could be accelerated. The crypto and digital asset community knows only too well the reputational and regulatory risks posed by the fraud emergency. But recognition alone is not enough, and efforts must not remain siloed. Cross-industry data sharing is a key enabler of effective fraud prevention worldwide. Given the UK's conducive environment, it is uniquely placed to lead by example. Opinion by: Mike Haley, CEO of Cifas. Source:
