Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

With botnets responsible for majority of malware, 2009 sees almost 7 percent increase on previous year

Network Box : 12 January, 2010  (Technical Article)
Analysis from Network Box shows a change in the threat landscape during the year with higher volumes of threats emerging due to the wider use of botnets and the deeper penetration of threats beyond Microsoft into applications such as browsers and PDF files
Almost three million new threats were identified in 2009 - approximately one every 10.8 seconds - according to analysis by managed security firm, Network Box. 2,905,697 threat signatures were released through the year to protect against new or variant threats. This is an increase on 2009 of 6.9 per cent.

The vast majority of spam and malware now comes from botnets and compromised hosts - a shift that started in the second half of 2008. But the biggest change seen through the year was the move away from mass-mailed spam and malware, towards targeted vulnerability exploits (for example in applications, web browsers or servers). Whilst using email is still proving effective, it requires such volume to provide a return that criminals are now focusing on exploiting vulnerabilities in applications, web browsers and servers, rather than just mailing executable code. Organised criminal gangs continue to dominate, and this is expected to continue through 2010.

Another notable change in the threat landscape was the increase in security patches from software and platform providers other than Microsoft. Microsoft has long been the biggest (and often perceived as the only) security target for hackers, but in the past year a number of major software houses have announced critical vulnerabilities, including:

* Adobe announced multiple vulnerabilities in its PDF and Acrobat software systems; and in its SWF Flash software
* Wordpress blogs have been susceptible to multiple vulnerabilities, leading to passwords being compromised
* Several major web frameworks (including the popular Drupal web content management system) have had vulnerabilities leading to remote code execution and SQL injection
* Web browsers such as Apple Safari, Mozilla Firefox and Opera have all announced critical vulnerabilities.


Simon Heron, internet security analyst at Network Box, says: "We're urging companies to review security policies for all their applications and software, not just those that are Microsoft. It's not enough any more just to auto-download Microsoft patches and stick anti-virus software on employees' PCs. Most of us now use some form of internet-facing application or software - particularly those who work from home - which must be secured."
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo