Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec

Browser targeted malware indicates increased sophistication in hacker techniques.

Finjan Software : 13 February, 2008  (Technical Article)
Exploiting browser vulnerabilities and targeting web sites with automatic malware infections are the latest drives used by hackers and requires behavioural analysis software to counter the attack according to Finjan.
Finjan has confirmed the findings presented in a recent Google online security blog post and IBM's X-Force report. Online criminals are waging a highly sophisticated war by exploiting vulnerabilities in end users Web browsers using drive-by downloads.

"Google Anti-Malware Team has indicated that more than three million unique URLs on over 180,000 websites were victimised by automatically installed malware. IBM has reported that criminals are now turning their attention to directly attacking Web browsers in order to steal identities, gain access to online accounts and other illicit revenue-generating activities,' said Yuval Ben-Itzhak, CTO with Finjan.

'As reported in our third and fourth quarter trend reports of 2006 as well as our 2007and 2008 trend reports, our research teams already identified at that time the trend that more and more criminal elements of hackerdom were using these techniques with a great success,' he added.

Google's team also reported that on average 2% of malicious websites were delivering malware via advertising.

"This report reconfirms Finjan's Q1 2007 trend report regarding malicious Ads being served on legitimate websites to infect users", continued Ben-Itzhak.

According to Ben-Itzhak, Internet users - both business users and individuals - should use additional security technologies that can identify malware by its intended behaviour - in other words: what it does. Solely relying on signatures that only scan what Web content looks like, or on URL filtering that checks where Web content came from, is risky.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo