Latest news
58 percent of the vulnerabilities targeted by the most popular exploit kits in Q4 were more than two years old and 70 percent of exploit kits reviewed were released or developed in Russia, reveals Solutionary SERT's Q4 2012 Quarterly Research Report.In reviewing 26 commonly used exploit kits, SERT identified exploit code dating as far back as 2004, serving as evidence that old vulnerabilities continue to prove fruitful for cyber criminals. The fact that 58 percent of the vulnerabilities exploited are over two years old further supports SERT findings that the number of newly discovered and disclosed vulnerabilities has declined since 2010.
The report also revealed that BlackHole 2.0 was the most often-used exploit kit; that Phoenix 3.1 supports the most vulnerabilities, approximately 9 percent; and that a large number of exploit kits have been developed and distributed in Eastern Europe, with 70 percent coming from Russia, followed by China and Brazil.
While DDoS attacks surprisingly decreased during Q4, SERT found that Web application and malware security incidences increased 8 percent. This signals that cyber criminals seem to be shifting from attacking retail sites to directly targeting consumers with social-engineering attacks, using subjects such as Hurricane Sandy to grab attention.
Research also revealed that anti-virus and anti-malware software cannot detect 67 percent of malware being distributed and that 30 percent of the malware samples studied traced back to JavaScript malware variants used for redirection, obfuscation and encryption, all used in the BlackHole exploit kit. Furthermore, the report showed that 18 percent of the malware samples studied by SERT were directly attributed to BlackHole.
“The fact that cyber criminals are able to penetrate network defenses by targeting aging vulnerabilities and using old techniques demonstrates that many organizations are still playing catch-up when it comes to cyber security. Tight budgets, inability to convince stakeholders at all levels that security should be a priority, and a shortage of research resources could be among the reasons why many security and risk teams are continuing to operate in reactive mode," said Rob Kraus, SERT director of research.
For more details, download the report here (registration required).
Spotlight
Information security executives need to be strategic thinkers
Posted on 17 June 2013. | George Baker, the Director of Information Security at Exostar, talks about the challenges in working in a dynamic threat landscape, offers tips for aspiring infosec leaders, and more.
Large orgs in denial about own security breaches?
Posted on 14 June 2013. | Over two thirds (66%) of large organizations said they either had not experienced a security incident in the last 12-18 months or were unsure if they had.
Vulnerability scanning with PureCloud
Posted on 12 June 2013. | nCircle PureCloud is a cloud-based network security scanning product built upon the companies' vulnerability and risk management system IP360.
To hack back or not to hack back?
Posted on 12 June 2013. | If you think of cyberspace as a new resource for you and your organization, it makes sense to protect your part of it as best you can. But is it a good idea?
Reactions from the security community to the NSA spying scandal
Posted on 11 June 2013. | Read on for comments on this scandal that Help Net Security received from a variety of security professionals and analysts.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
