Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec

Fortinet reports improved malware blocking for July.

Fortinet : 03 August, 2007  (Technical Article)
Despite overall improvements in malware blocking, some viruses and Trojans retain persistent levels of effectiveness indicating need for improved web site clean-up activities.
Fortinet has announced the top 10 most reported high-risk threats for July 2007. The report, compiled from all FortiGate multi-threat security systems in production worldwide, is a service of Fortinet's FortiGuard Global Security Research Team.

The July top 10 highlights the following:.

* An increase in the breadth of detection caused a lowering of the Top 10 percentages overall.
* Last month, Netsky.P was catching up to, but now has surpassed Bagle.DY, just about doubling its performance.
* ANI07.A is still holding on, despite a patch being released, which means it is either still effective or it is not being sufficiently cleaned off of public Web sites.
* The email based Iframe_CID exploit has moved higher than normal, perhaps owing some of its success to Netsky.P's mass mailer component and its own recent rise in activity.

Last month, the most popular trend the FortiGuard team spotted was the inundation of rogue electronic greeting cards increased fueled by the "Storm Worm" (aka W32/Tibs), whose creators seemingly decided to broaden the peer-to-peer Botnet via this well-known strategy. However, what's new about the Storm Worm is the method of attack and how it can compromise a Web browser. The only innovation in the malicious e-card storm lies in the following fact: should a user by mistake or intentionally, request the index page rather than paste the full malicious link inside the browser (or click on it, in case HTML is enabled in the mail client), the Web server would deliver a load of malicious java scripts to the user's Web browser.

Indeed, a look back at recent events such as the MPack 'drive-by-install' case, where malicious IFrames silently redirected hundreds of thousands of visitors of legitimate - but hacked - Web sites to a page full of malicious scripts, seems to highlight browser exploitation as the new 'big thing' among virus writers. Figures tend to confirm this: Since January, the impact of exploits in malicious activity has almost doubled, to reach five percent of the global malware activity in July.

"The slight shift toward browser exploitation partly lies in the fact that it bypasses any form of user interaction, hence rendering user education useless," said Guillaume Lovet, manager for the FortiGuard Global Security Research Team. "While we are entering the Web 2.0 era, most of our data and applications are shifting from the desktop to online. The Web browser is our gateway to those, and therefore becomes absolutely centric."
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo