SlideShare une entreprise Scribd logo

State of Internet 1H 2008

Kim Jensen
Kim Jensen

State of Internet 1H 2008. Report on threats to IT-security Q1 and Q2 2008. Read about discovery of CAPTCHA hack by Websense.

TechnologieActualités & Politique
1  sur  13
Télécharger pour lire hors ligne
Websense security Labs™ state of internet security Q1 – Q2, 2008
Websense security Labs™: state of internet security, Q1 – Q2, 2008 Websense® security Labs uses the patent-pending Websense threatseeker™ network to discover, clas- sify and monitor global internet threats and trends. featuring the world’s first internet HoneyGrid™, the system uses hundreds of technologies including honeyclients, honeypots, reputation systems, machine learning and advanced grid computing systems to parse through more than one billion pieces of content daily, searching for security threats. every hour, it scans more than 40 million Web sites for malicious code and scans nearly ten million emails for unwanted content and malicious code. using more than 50 million real-time data collecting systems, the Websense threatseeker network monitors and classifies Web, messaging, and data content—providing Websense with unparalleled visibility into the state of content on the internet and email. this report summarizes the significant findings of Websense researchers using the threatseeker net- work during the six-month period ending in June, 2008. Websense ThreatSeeker Network Research Highlights, Q1 – Q2 2008 Web Security • 75 percent of Web sites with malicious code are legitimate sites that have been compro- mised. this represents an almost 50 percent increase over the previous six-month period. • 60 percent of the top 100 most popular Web sites have either hosted or been involved in malicious activity in the first half of 2008. • 12 percent of Web sites infected with malicious code were created using Web malware ex- ploitation kits, a decrease of 33 percent since December 2007. Websense researchers believe this decrease may be attributed to attackers launching more customized attacks to avoid signature detection by security measures. Messaging Security • 87 percent of email messages are spam. this percentage remains the same as the second half of 2007. • 76.5 percent of all emails in circulation contained links to spam sites and/or malicious Web sites. this represents an 18 percent increase over the previous six-month period. • 85 percent of unwanted (spam or malicious) emails contain a link. • Pornography-related spam decreased by more than 70 percent and is no longer the most popular topic for spam. shopping (20 percent), cosmetics (19 percent), and Medical (11 per- cent) represent the majority of today’s spam. • 9 percent of spam messages are phishing attacks, representing a 47 percent increase over the last six months. Data Security • 29 percent of malicious Web attacks included data-stealing code. • 46 percent of data-stealing attacks are conducted over the Web. 1 Source: Alexa (www.alexa.com) data on Web traffic for top 100 Web sites 1
Websense security Labs™: state of internet security, Q1 – Q2, 2008 With data-stealing Web and email attacks on the rise, Websense security Labs is tracking where data is being sent. Of the 46.37 percent of malware that connects via the Web: • 57.3 percent of malware connects to united states of america • 6.19 percent of malware connects to china • 5.5 percent of malware connects to canada • 4.27 percent of malware connects to russia • 4.11 percent of malware connects to brazil • 22.63 percent of malware connects to other countries Cybercriminals Increase Attacks on Web Sites with “Good” Reputations During the first half of 2008, the volume of legitimate Web sites compromised with malicious code con- tinued to surpass the number of sites created by attackers specifically for malicious purposes. in the first half of 2008 more than 75 percent of the Web sites Websense classified as malicious were actually sites with seemingly “good” reputations that had been compromised by attackers. this represents a 50 percent increase over the last six months. The Webscape Demonstrates Web 2.0 Sites Are a Fresh Target Websense security Labs classifies the Webscape into four general sections. the top 100 most visited Web properties tend to be classified as social networking or search sites such as search engines. the next 10,000 most visited sites are primarily current event and news sites and, down the “long tail” of the internet, Web sites that are more regional and genre-focused. the growing tail end of the Webscape is comprised of personal sites like blogs, small business sites, and Web sites specifically set up for fraud and abuse. each area of the Webscape has its own unique security challenges, but the top 100 Web properties that encompass the largest amount of visitors is a growing target of attackers. research shows that attackers continue to focus their attention on the Web 2.0 elements of the evolving Web- scape, meaning that adaptive content classification and dynamic content scanning is now required to protect businesses and their information. below is a graphic of the Websense view of the Webscape: 2
Websense security Labs™: state of internet security, Q1 – Q2, 2008 The top 100 most visited Web sites: • represent the majority of all Web page views, and are the most popular target for attackers. With their large user base, good reputations and support of Web 2.0 applications, these sites provide malicious code authors with abundant opportunity. • Websense security Labs identified that 90 percent of the top 100 sites are categorized as social networking or search. • More than 45 percent of these sites support user-generated content. • 60 percent of these sites either hosted malicious content or contained a masked redirect to lure unsuspecting victims from legitimate sites to malicious sites. in many cases these redirects appear as the actual Web site, when in fact the content served on that page is being hosted elsewhere. Security Trends Tarnished Reputations continuing the trend identified by Websense in 2007, attackers continued to take advantage of flaws in traditional security measures and bypass reputation-based systems to increase attack effectiveness. In April of 2008, Websense Security Labs discovered massive attacks that compromised hundreds of thousands of legitimate Web sites with good reputations worldwide with data-stealing malicious code. this attack included sites from Msnbc, ZDnet, Wired, the united nations, a large uK government site, and more. in this attack, when a user’s browser opened one of the thousands of compromised sites, a carefully crafted iframe HtML tag redirected users to a malicious site rife with exploits. as a result, mali- cious code, designed to steal confidential information, was launched on vulnerable machines. in addition to Web exploits, email spammers are also taking advantage of the reputation of popular email services like yahoo! and Gmail to bypass antispam systems. During the first half of 2008, Websense Security Labs found spammers using sophisticated tools and bots to break the “CAPTCHA -” systems that were developed to keep email and other services safe from spammers and other ma- licious activity. Microsoft Live Mail, Google’s popular Gmail service and yahoo! mail services were all compromised by this breakthrough method. subsequently, spammers have been able to sign up for the free email accounts on a mass basis and send out spam from email accounts with good reputations. With a free sign- up process, access to a wide portfolio of services and domains that are unlikely to be blacklisted given their reputation, spammers have been able to launch attacks on millions of users worldwide while maintaining anonymity. Attackers Are Changing the Game with Web 2.0 as more organizations and their employees are adopting Web 2.0 technologies for legitimate business reasons, users are given privileges such as directly editing Web content or uploading files—potentially causing more security issues as many organizations lack the adequate security technologies and practic- es to enable safe Web 2.0 use. the increase in Web 2.0 applications has allowed hackers to target users and businesses using mash-ups, unattended code injection, and other tactics providing yet another level of complexity for organizations and users that want to prevent data loss and malicious attacks. Websense has found that the content of a single Web page may be comprised from multiple locations including a variety of disparate sources. the danger is that users typically associate the content they are viewing from the urL in the address bar, not the actual content source. the urL is no longer an ac- curate representation of the source content from the Web page. as such, organizations that enable their employees to view Web 2.0 technologies like iGoogle Web portals or social networking sites, wikis, and blogs, need real-time Web security protection to protect their employees and their essential information. 2 CAPTCHA Definition: Completely Automated Public Turing test to tell Computers and Humans Apart 3
Websense security Labs™: state of internet security, Q1 – Q2, 2008 Malware masquerading as Web ads proved to be a popular means for hackers to distribute malicious content onto high-profile sites during the first half of the year. Websense security Labs identified several instances where malicious banners ran on high-traffic, high-reputation sites such as Myspace, excite.com, yahoo! Mail and Perl.com to increase chances of exploiting a larger audience. Myspace un- knowingly ran banners that pushed nefarious malware to unsuspecting users. With excite.com, attackers used the notion of “transitive trust” to exploit the faith the user placed with the Web site. trusting users didn’t realize that the execut- able they were downloading came from embedded, malicious banners, and not from excite.com. antivirus vendors failed to identify many of these attacks. The Web Remains the Number One Attack Vector as internet users increase, the Web attack vector continues to grow. Web servers are increasingly com- promised through persistent cross-site scripting (Xss) and sQL injection as well as Dns cache poisoning attacks. in June of 2008, Websense security Labs received reports that the official Web sites of icann and iana Domains were hijacked by a turkish group called “netDevilz” using Dns cache poisoning. over the last six months, Websense security Labs has tracked hackers using toolkits to search for Web sites vulnerable to sQL injection attacks. attackers target hosts with both a high profile and strong repu- tation, to maximize the number of visitors once the site has been compromised. in addition, client-based threats have increased with popular Web 2.0 components such as facebook’s “secret crush” applica- tion, which is actually ad-serving software, as well as multi-media applications that contain exploits such as Quicktime and flash. below are the top ten Web attack vectors over the last six months. Top 10 Web Attack Vectors in 1st Half of 2008: 1. browser vulnerabilities 2. adobe flash vulnerabilities 3. activeX vulnerabilities 4. sQL injection 5. adobe acrobat reader vulnerabilities 6. content management systems (cMs) vulnerabilities 7. apple Quicktime vulnerabilities 8. Malicious Web 2.0 components (e.g. facebook applications, third-party widgets/gadgets, banner ads etc) 9. realPlayer vulnerabilities 10. Dns cache poisoning 4
Websense security Labs™: state of internet security, Q1 – Q2, 2008 Metrics Websense security Labs tracks the following metrics to identify details about Web and email-based at- tacks against data and businesses. Top Countries Hosting Phishing Sites (Jan 08 – Jun 08) the pie graphs below demonstrate the top three countries, by month, with the highest number of phishing attacks. Phishing attacks have been trending down over the last six months; this is in contrast to the same six months a year ago. 5
Websense security Labs™: state of internet security, Q1 – Q2, 2008 Top Countries Hosting Crimeware (Jan 08 – June 08) the pie graphs below demonstrate the top 3 countries by month hosting crimeware, a class of malware designed specifically to automate financial crime. over the last six months, the majority of malware was hosted in the united states and china. 6
Websense security Labs™: state of internet security, Q1 – Q2, 2008 From Discovery to Patch: Window of Vulnerability Websense security supplements outdated antivirus and firewalls by seeking out threats before custom- ers are infected and provides protection within minutes of discovery—before patches and signatures are available. the chart below shows the window of exposure between threat detection by Websense threatseeker network and the release of the patch by antivirus software providers. the dates below represent the time it took for the antivirus vendors to publish a signature for the malicious threats Web- sense detected. Blended Threats the convergence of Web and email threats—or “blended threats”—continues to increase. Websense security Labs reports that now more than 76.5 percent of all emails in circulation during this period con- tained links to spam sites and/or malicious Web sites. this represents a substantial 18 percent increase since December 2007. examples of blended threats are the “Storm” attacks. the storm attack authors have launched some of the most prolific attacks of the last few years. storm is a perfect example of a blended threat that uses multiple attack vectors including DDos, Web, Peer-to-Peer (P2P), encryption, and malware distribu- tion. Websense security Labs has been tracing the storm worm since early 2007 when the first wave of the storm worm erupted in the wild. antivirus vendors have struggled to keep up with this widespread attack. storm lures are presented as short, simple emails, enticing the victim to click preferred links and download a malicious file. Lures range from holidays like the fourth of July, natural disasters like the earthquakes in china and most recently, popular events like the olympics. these targeted spam cam- paigns represent one of largest professional botnets in the internet’s history. storm’s use of advanced polymorphism (or constantly changing attributes) makes it difficult for traditional security technology to detect. 7
Websense security Labs™: state of internet security, Q1 – Q2, 2008 Spam Types in the past six months Websense security Labs has seen spammers move away from distributing spam through attachments, preferring instead to distribute urLs to spam-hosting and distribution sites. ad- ditionally, Websense noticed a reduction in image spam from 32 percent in December of 2007 to 18 percent in June 2008. over the last six months, the global number of messages containing viruses is low in comparison to the number of messages classified as spam. However, the virus activity is steadily increasing, representing a 500 percent increase since December of 2007. the percentage of email messages flagged as spam remains static at 87 percent with a zero-percent change over the last six months. 8
Websense security Labs™: state of internet security, Q1 – Q2, 2008 over the last six-months, the volume of pornographic spam, decreased more than 70 percent while shopping increased by almost 80 percent. the reason for the swap may be related to the fact that spam- mers are getting more sophisticated. they are using social networking sites to learn more about their victims and using targeted campaigns to increase their attack conversion rates. the three most popular topics for spam are now shopping (20 percent), cosmetics (19 percent) and medical (11 percent.) as shown in bar chart below, Websense security Labs classifies spam into the following 15 categories: Websense Security Labs Firsts the following list highlights a few of the major attacks successfully identified by Websense security Labs during the first half of 2008. Spammers streamline anti-CAPTCHA operations on Microsoft Windows Live Mail and Gmail Attack Date: 02/06/08 Attack Details: Websense security Labs, with its threatseeker network, discovered that Windows Live Mail accounts, a free Web mail service from Microsoft, was being targeted by spammers using a new sophisticated technique to create thousands of Windows Live email addresses by cracking the caPtcHa protection designed to prevent the creation of fraudulent accounts. using a bot network, spammers established a connection to the registration page of the Microsoft-owned mail service and were able to bypass the caPtcHa requirement 35 percent of the time. free email services from Microsoft, yahoo! and Google are rarely blocked by anti-spam filters, making accounts from these services highly profitable and valued by spammers. in addition, Websense security Labs discovered that Google’s popular Web mail service, Gmail, was being targeted by spammers to create bots that are capable of signing up and creating random Gmail accounts for nefarious purposes. Websense researchers believe that the same group is involved in breaking the Microsoft Windows Live Mail caPtcHa break as well as the Gmail caPtcHa break. Websense Security Labs researchers believe there are four main advantages to this approach: • signing up for an account with Google or Microsoft allows access to its wide portfolio of services. • Google or Microsoft’s domains are unlikely to be blacklisted by anti-spam filters. • these services are free. • it’s difficult to identify illegitimate accounts as millions of users worldwide are using various Google services on a regular basis. this provides spammers with a layer of anonymity, making it harder to detect and track their actions. 9
Websense security Labs™: state of internet security, Q1 – Q2, 2008 Economic Stimulus Phish Attack Date: 05/16/2008 Threat Attack Details: eager recipients of the internal revenue service economic-stimulus checks were taken for more than they bargained for with a phishing scheme. Websense security Labs with its threatseeker network dis- covered a phishing attack that aimed to steal tax-payer’s sensitive information, dubbed the “economic stimulus Phish”. the attackers sent out an email to potential victims that provided a quick explanation of the recent economic-stimulus package and encouraged them to sign up for direct deposit by clicking on a link before May 17. it warned that if the recipient didn’t respond in time, their refund would be delayed. users that unsuspectingly clicked on the “tax refund online form” were asked for personal information such as their name, address, credit card, atM pin number, bank name, and social security number. Websense first to discover and protect against Microsoft Excel vulnerability Published March, 2008 (Identified in November 2007) Vulnerability Details: Websense security Labs with its threatseeker network discovered an un-patched, high-risk vulnerability (cert# Ms08-014) in Microsoft excel in november 2007. Microsoft recognized Websense for the find in March 2008 when a patch was issued. the vulnerability allowed code execution within an excel docu- ment without the knowledge of the user. Websense vigilantly watches for exploits of this vulnerability to protect organizations and their essential information from unnecessary threats. Websense will automati- cally block malicious code before it can infect an organization’s computers. 10
Websense security Labs™: state of internet security, Q1 – Q2, 2008 A Look Forward & Summary During the first half of 2008 as predicted, the number of compromised Web sites continued to grow and surpass the number of created malicious sites. Websense researchers expect this trend to continue as hackers become more sophisticated and continue to leverage the “good” reputations of Web sites to evade traditional security measures. Websense researchers believe organizations should prepare for continuing challenges in during the second half of 2008 and encourages security managers to shift their protection emphasis from guard- ing against inbound attacks at the infrastructure level—a model suited to perimeter boundaries and the internet as a simple content resource—to guarding essential information against blended threats and accidental or malicious loss, in tune with Web 2.0 and the internet as a business platform. Hackers will continue to get creative and leverage user-created content and Web 2.0 applications to cre- ate even bigger security concerns for organizations. researchers expect attackers to see a rise in special interest attacks – targeting specific groups of people based on interests and profiles. With an increase in spam and “talk back” sections of new sites, new active media, Web modules, scripting and social net- works, organizations will need to ensure their Web, messaging and data security programs are adequate to plug the holes and curb the new avenues hackers exploit to spread malicious code for financial gain. to ensure risk mitigation keeps in step with the threat climate, enterprises must rethink their approaches to Web, messaging, and data security. instead of thinking about technologies, organizations must think about data. How is it used? Who is using it? Where and when is it safe to use? Who can receive it? Which channels can safely send it? a silo-based approach to e-mail and Web filtering will not provide the necessary protection against blended threats. organizations should move towards a comprehensive data centric of security that includes not only Web and messaging security, but also data security to prevent information loss across all channels. this data-centric view means that, rather than investing in protection silos with limited coverage, enter- prises will mesh defenses across technologies, communication channels, and applications focused on protecting data. this integration increases the accuracy of detection and the quality of response. More than just proactive enforcement, this integration provides appropriate protection, because it allows the use of context to understand legitimate business uses and adapt responses. by protecting sensitive data, the essential information of each business, organizations can both embrace and defend the internet business platform. the information and predictions contained within this report are based on analysis of current attack trends, cybercriminal techniques and threat intelligence gathered by researchers with Websense threat- seeker network, Websense Hosted Web security and Websense Hosted email security. 11
Websense security Labs™: state of internet security, Q1 – Q2, 2008 About Websense Websense, inc. (nasDaQ: Wbsn), a global leader in integrated Web, messaging and data protection technologies, provides essential information Protection™ for more than 42 million employees at more than 50,000 organizations worldwide. Distributed through its global network of channel partners, Web- sense software and hosted security solutions help organizations block malicious code prevent the loss of confidential information and enforce internet use and security policies. Websense Security Labs Websense security Labs is the security research arm of Websense, inc. that discovers, investigates and reports on advanced internet threats. unlike other research labs, Websense has an unparalleled knowl- edge of malware and where it resides on the Web. this allows Websense to detect and block new threats that traditional security research methods miss, enabling organizations to protect sensitive content from theft, compromise, or inappropriate use. recognized as a world leader in security research, Websense security Labs publishes findings to hundreds of security partners, vendors and other organizations around the world and provides security metrics to the anti-Phishing Working Group. Websense Security Labs – a Pioneer in Emerging Threat Protection • unparalleled visibility and discovery on a massive scale • real-time adaptive ability to respond to trends and threats in a Web 2.0 world • Powered by a unified world-class research team • Many first discoveries, including the unpatched, high-risk Microsoft excel vulnerability (March 2008) • first to market with phishing protection • first to market with drive-by and backchannel spyware protection • first to market with bot network protection • first to market with crimeware/keylogger protection Security Alerts register with Websense security Labs to receive free security warnings about malicious internet events, including spyware, spam, phishing, pharming, and corrupted Web sites. http://www.Websense.com/securitylabs/alerts/ Blog Highlights the Websense security Labs blog delivers the most current information and breaking news about se- curity research topics and today’s advanced internet threats. Websense security Labs investigates and publishes information about outbreaks, new threats, and other relevant Web security topics to protect organizations from increasingly dangerous internet threats. for more information, check out our blog: http://www.websense.com/securitylabs/blog 12 © 2008 Websense inc. all rights reserved. Websense and Websense enterprise are registered trademarks of Websense, inc. in the united states and certain international markets. Websense has numerous other unregistered trademarks in the united states and internationally. all other trademarks are the property of their respective owners. 07/24/.08

Recommandé

2013 Threat Report
2013 Threat Report2013 Threat Report
2013 Threat ReportEnvision Technology Advisors
 
Websense 2013 Threat Report
Websense 2013 Threat ReportWebsense 2013 Threat Report
Websense 2013 Threat ReportKim Jensen
 
V01 i010413
V01 i010413V01 i010413
V01 i010413IJARBEST JOURNAL
 
Symantec Internet Security Threat Report Volume 2015
Symantec Internet Security Threat Report Volume 2015Symantec Internet Security Threat Report Volume 2015
Symantec Internet Security Threat Report Volume 2015Waqas Amir
 
What is the Cybersecurity plan for tomorrow?
What is the Cybersecurity plan for tomorrow?What is the Cybersecurity plan for tomorrow?
What is the Cybersecurity plan for tomorrow?Samvel Gevorgyan
 
Can you predict who will win the US election?
Can you predict who will win the US election?Can you predict who will win the US election?
Can you predict who will win the US election?Samvel Gevorgyan
 
Jean pier talbot - web is the battlefield - atlseccon2011
Jean pier talbot - web is the battlefield - atlseccon2011Jean pier talbot - web is the battlefield - atlseccon2011
Jean pier talbot - web is the battlefield - atlseccon2011Atlantic Security Conference
 
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...Symantec
 

Recommandé

2013 Threat Report
2013 Threat Report2013 Threat Report
2013 Threat ReportEnvision Technology Advisors
 
Websense 2013 Threat Report
Websense 2013 Threat ReportWebsense 2013 Threat Report
Websense 2013 Threat ReportKim Jensen
 
V01 i010413
V01 i010413V01 i010413
V01 i010413IJARBEST JOURNAL
 
Symantec Internet Security Threat Report Volume 2015
Symantec Internet Security Threat Report Volume 2015Symantec Internet Security Threat Report Volume 2015
Symantec Internet Security Threat Report Volume 2015Waqas Amir
 
What is the Cybersecurity plan for tomorrow?
What is the Cybersecurity plan for tomorrow?What is the Cybersecurity plan for tomorrow?
What is the Cybersecurity plan for tomorrow?Samvel Gevorgyan
 
Can you predict who will win the US election?
Can you predict who will win the US election?Can you predict who will win the US election?
Can you predict who will win the US election?Samvel Gevorgyan
 
Jean pier talbot - web is the battlefield - atlseccon2011
Jean pier talbot - web is the battlefield - atlseccon2011Jean pier talbot - web is the battlefield - atlseccon2011
Jean pier talbot - web is the battlefield - atlseccon2011Atlantic Security Conference
 
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...Symantec
 
How to Reduce Avenues of Attack: Using Intel to Plan for Cyber Threats in 2017
How to Reduce Avenues of Attack: Using Intel to Plan for Cyber Threats in 2017How to Reduce Avenues of Attack: Using Intel to Plan for Cyber Threats in 2017
How to Reduce Avenues of Attack: Using Intel to Plan for Cyber Threats in 2017SurfWatch Labs
 
Symantec Cyber Security Intelligence Report
Symantec Cyber Security Intelligence ReportSymantec Cyber Security Intelligence Report
Symantec Cyber Security Intelligence ReportSymantec
 
Email Security Threats: IT Manager's Eyes Only
Email Security Threats: IT Manager's Eyes Only Email Security Threats: IT Manager's Eyes Only
Email Security Threats: IT Manager's Eyes Only Topsec Technology
 
Fortified Health Security - Horizon Report 2016
Fortified Health Security - Horizon Report 2016Fortified Health Security - Horizon Report 2016
Fortified Health Security - Horizon Report 2016Dan L. Dodson
 
Istr number 23 internet security threat repor 2018 symantec
Istr number 23 internet security threat repor 2018 symantecIstr number 23 internet security threat repor 2018 symantec
Istr number 23 internet security threat repor 2018 symantecSoluciona Facil
 
Symantec Security Refresh Webinar
Symantec Security Refresh WebinarSymantec Security Refresh Webinar
Symantec Security Refresh WebinarArrow ECS UK
 
Symantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec
 
Detecting malicious URLs using binary classification through ada boost algori...
Detecting malicious URLs using binary classification through ada boost algori...Detecting malicious URLs using binary classification through ada boost algori...
Detecting malicious URLs using binary classification through ada boost algori...IJECEIAES
 
Social Media Security
Social Media SecuritySocial Media Security
Social Media Securityscstatelibrary
 
Volume And Vectors 090416
Volume And Vectors 090416Volume And Vectors 090416
Volume And Vectors 090416Anthony Arrott
 
Security weekly september 28 october 4, 2021
Security weekly september 28 october 4, 2021 Security weekly september 28 october 4, 2021
Security weekly september 28 october 4, 2021 Roen Branham
 
Iranian Hackers Have Hit Hundreds of Companies in Past Two Years
Iranian Hackers Have Hit Hundreds of Companies in Past Two YearsIranian Hackers Have Hit Hundreds of Companies in Past Two Years
Iranian Hackers Have Hit Hundreds of Companies in Past Two YearsLUMINATIVE MEDIA/PROJECT COUNSEL MEDIA GROUP
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hackingijtsrd
 
State of Internet 2H 2008
State of Internet 2H 2008State of Internet 2H 2008
State of Internet 2H 2008Kim Jensen
 
CYREN_Q1_2015_Trend_Report
CYREN_Q1_2015_Trend_ReportCYREN_Q1_2015_Trend_Report
CYREN_Q1_2015_Trend_ReportChris Taylor
 
Topsec email security 2016
Topsec email security 2016Topsec email security 2016
Topsec email security 2016Nathan CAVRIL
 
Symantec Intelligence Report September 2014
Symantec Intelligence Report September 2014Symantec Intelligence Report September 2014
Symantec Intelligence Report September 2014Symantec
 
Enabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMSEnabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMSPaul Walsh
 
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat Report
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat ReportTECHNICAL WHITE PAPER▶ Symantec Website Security Threat Report
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat ReportSymantec
 
Grift horse money stealing trojan takes 10m android users for a ride
Grift horse money stealing trojan takes 10m android users for a rideGrift horse money stealing trojan takes 10m android users for a ride
Grift horse money stealing trojan takes 10m android users for a rideRoen Branham
 
Rewarding the Right Behaviour in a Mobile World - by Chris Rolfe
Rewarding the Right Behaviour in a Mobile World - by Chris Rolfe Rewarding the Right Behaviour in a Mobile World - by Chris Rolfe
Rewarding the Right Behaviour in a Mobile World - by Chris Rolfe RAMP Group
 
Unified communications presence er den afgørende funktion (pdf)
Unified communications presence er den afgørende funktion (pdf)Unified communications presence er den afgørende funktion (pdf)
Unified communications presence er den afgørende funktion (pdf)Kim Jensen
 

Contenu connexe

Tendances

How to Reduce Avenues of Attack: Using Intel to Plan for Cyber Threats in 2017
How to Reduce Avenues of Attack: Using Intel to Plan for Cyber Threats in 2017How to Reduce Avenues of Attack: Using Intel to Plan for Cyber Threats in 2017
How to Reduce Avenues of Attack: Using Intel to Plan for Cyber Threats in 2017SurfWatch Labs
 
Symantec Cyber Security Intelligence Report
Symantec Cyber Security Intelligence ReportSymantec Cyber Security Intelligence Report
Symantec Cyber Security Intelligence ReportSymantec
 
Email Security Threats: IT Manager's Eyes Only
Email Security Threats: IT Manager's Eyes Only Email Security Threats: IT Manager's Eyes Only
Email Security Threats: IT Manager's Eyes Only Topsec Technology
 
Fortified Health Security - Horizon Report 2016
Fortified Health Security - Horizon Report 2016Fortified Health Security - Horizon Report 2016
Fortified Health Security - Horizon Report 2016Dan L. Dodson
 
Istr number 23 internet security threat repor 2018 symantec
Istr number 23 internet security threat repor 2018 symantecIstr number 23 internet security threat repor 2018 symantec
Istr number 23 internet security threat repor 2018 symantecSoluciona Facil
 
Symantec Security Refresh Webinar
Symantec Security Refresh WebinarSymantec Security Refresh Webinar
Symantec Security Refresh WebinarArrow ECS UK
 
Symantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec
 
Detecting malicious URLs using binary classification through ada boost algori...
Detecting malicious URLs using binary classification through ada boost algori...Detecting malicious URLs using binary classification through ada boost algori...
Detecting malicious URLs using binary classification through ada boost algori...IJECEIAES
 
Volume And Vectors 090416
Volume And Vectors 090416Volume And Vectors 090416
Volume And Vectors 090416Anthony Arrott
 
Security weekly september 28 october 4, 2021
Security weekly september 28 october 4, 2021 Security weekly september 28 october 4, 2021
Security weekly september 28 october 4, 2021 Roen Branham
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hackingijtsrd
 
State of Internet 2H 2008
State of Internet 2H 2008State of Internet 2H 2008
State of Internet 2H 2008Kim Jensen
 
CYREN_Q1_2015_Trend_Report
CYREN_Q1_2015_Trend_ReportCYREN_Q1_2015_Trend_Report
CYREN_Q1_2015_Trend_ReportChris Taylor
 
Topsec email security 2016
Topsec email security 2016Topsec email security 2016
Topsec email security 2016Nathan CAVRIL
 
Symantec Intelligence Report September 2014
Symantec Intelligence Report September 2014Symantec Intelligence Report September 2014
Symantec Intelligence Report September 2014Symantec
 
Enabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMSEnabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMSPaul Walsh
 
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat Report
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat ReportTECHNICAL WHITE PAPER▶ Symantec Website Security Threat Report
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat ReportSymantec
 
Grift horse money stealing trojan takes 10m android users for a ride
Grift horse money stealing trojan takes 10m android users for a rideGrift horse money stealing trojan takes 10m android users for a ride
Grift horse money stealing trojan takes 10m android users for a rideRoen Branham
 

Tendances (20)

How to Reduce Avenues of Attack: Using Intel to Plan for Cyber Threats in 2017
How to Reduce Avenues of Attack: Using Intel to Plan for Cyber Threats in 2017How to Reduce Avenues of Attack: Using Intel to Plan for Cyber Threats in 2017
How to Reduce Avenues of Attack: Using Intel to Plan for Cyber Threats in 2017
 
Symantec Cyber Security Intelligence Report
Symantec Cyber Security Intelligence ReportSymantec Cyber Security Intelligence Report
Symantec Cyber Security Intelligence Report
 
Email Security Threats: IT Manager's Eyes Only
Email Security Threats: IT Manager's Eyes Only Email Security Threats: IT Manager's Eyes Only
Email Security Threats: IT Manager's Eyes Only
 
Fortified Health Security - Horizon Report 2016
Fortified Health Security - Horizon Report 2016Fortified Health Security - Horizon Report 2016
Fortified Health Security - Horizon Report 2016
 
Istr number 23 internet security threat repor 2018 symantec
Istr number 23 internet security threat repor 2018 symantecIstr number 23 internet security threat repor 2018 symantec
Istr number 23 internet security threat repor 2018 symantec
 
Symantec Security Refresh Webinar
Symantec Security Refresh WebinarSymantec Security Refresh Webinar
Symantec Security Refresh Webinar
 
Symantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government Sector
 
Detecting malicious URLs using binary classification through ada boost algori...
Detecting malicious URLs using binary classification through ada boost algori...Detecting malicious URLs using binary classification through ada boost algori...
Detecting malicious URLs using binary classification through ada boost algori...
 
Social Media Security
Social Media SecuritySocial Media Security
Social Media Security
 
Volume And Vectors 090416
Volume And Vectors 090416Volume And Vectors 090416
Volume And Vectors 090416
 
Security weekly september 28 october 4, 2021
Security weekly september 28 october 4, 2021 Security weekly september 28 october 4, 2021
Security weekly september 28 october 4, 2021
 
Iranian Hackers Have Hit Hundreds of Companies in Past Two Years
Iranian Hackers Have Hit Hundreds of Companies in Past Two YearsIranian Hackers Have Hit Hundreds of Companies in Past Two Years
Iranian Hackers Have Hit Hundreds of Companies in Past Two Years
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
State of Internet 2H 2008
State of Internet 2H 2008State of Internet 2H 2008
State of Internet 2H 2008
 
CYREN_Q1_2015_Trend_Report
CYREN_Q1_2015_Trend_ReportCYREN_Q1_2015_Trend_Report
CYREN_Q1_2015_Trend_Report
 
Topsec email security 2016
Topsec email security 2016Topsec email security 2016
Topsec email security 2016
 
Symantec Intelligence Report September 2014
Symantec Intelligence Report September 2014Symantec Intelligence Report September 2014
Symantec Intelligence Report September 2014
 
Enabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMSEnabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMS
 
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat Report
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat ReportTECHNICAL WHITE PAPER▶ Symantec Website Security Threat Report
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat Report
 
Grift horse money stealing trojan takes 10m android users for a ride
Grift horse money stealing trojan takes 10m android users for a rideGrift horse money stealing trojan takes 10m android users for a ride
Grift horse money stealing trojan takes 10m android users for a ride
 

En vedette

Rewarding the Right Behaviour in a Mobile World - by Chris Rolfe
Rewarding the Right Behaviour in a Mobile World - by Chris Rolfe Rewarding the Right Behaviour in a Mobile World - by Chris Rolfe
Rewarding the Right Behaviour in a Mobile World - by Chris Rolfe RAMP Group
 
Unified communications presence er den afgørende funktion (pdf)
Unified communications presence er den afgørende funktion (pdf)Unified communications presence er den afgørende funktion (pdf)
Unified communications presence er den afgørende funktion (pdf)Kim Jensen
 
The Woo themes story - by Adriaan Pienaar
The Woo themes story - by Adriaan PienaarThe Woo themes story - by Adriaan Pienaar
The Woo themes story - by Adriaan PienaarRAMP Group
 
Data Loss Prevention Danmark
Data Loss Prevention DanmarkData Loss Prevention Danmark
Data Loss Prevention DanmarkKim Jensen
 
Rarely Seen Shuttle Activities
Rarely Seen Shuttle ActivitiesRarely Seen Shuttle Activities
Rarely Seen Shuttle ActivitiesLuiz Carlos Dias
 
Czytam, więc wiem
Czytam, więc wiemCzytam, więc wiem
Czytam, więc wiemporanny24
 
Spam & Spyware Legal Study 2009
Spam & Spyware Legal Study 2009Spam & Spyware Legal Study 2009
Spam & Spyware Legal Study 2009Kim Jensen
 
Voddler and Copyright in the eu digital single market
Voddler and Copyright in the eu digital single marketVoddler and Copyright in the eu digital single market
Voddler and Copyright in the eu digital single marketAnders Sjöman
 
Edukacja sierpien-2015-poranny
Edukacja sierpien-2015-porannyEdukacja sierpien-2015-poranny
Edukacja sierpien-2015-porannyporanny24
 
Student w Białymstoku
Student w BiałymstokuStudent w Białymstoku
Student w Białymstokuporanny24
 
Hannes van Rensburg
Hannes van RensburgHannes van Rensburg
Hannes van RensburgRAMP Group
 
III edycja Czytam, więc wiem - oferta dla mecenasa
III edycja Czytam, więc wiem - oferta dla mecenasaIII edycja Czytam, więc wiem - oferta dla mecenasa
III edycja Czytam, więc wiem - oferta dla mecenasaporanny24
 
Giving up Gutenberg: Shaping the future of Internet publishing by shrugging o...
Giving up Gutenberg: Shaping the future of Internet publishing by shrugging o...Giving up Gutenberg: Shaping the future of Internet publishing by shrugging o...
Giving up Gutenberg: Shaping the future of Internet publishing by shrugging o...RAMP Group
 
Sådan kommer du i gang med skyen (pdf)
Sådan kommer du i gang med skyen (pdf)Sådan kommer du i gang med skyen (pdf)
Sådan kommer du i gang med skyen (pdf)Kim Jensen
 
Białystok 2010 - 2012
Białystok 2010 - 2012Białystok 2010 - 2012
Białystok 2010 - 2012poranny24
 

En vedette (20)

Rewarding the Right Behaviour in a Mobile World - by Chris Rolfe
Rewarding the Right Behaviour in a Mobile World - by Chris Rolfe Rewarding the Right Behaviour in a Mobile World - by Chris Rolfe
Rewarding the Right Behaviour in a Mobile World - by Chris Rolfe
 
Unified communications presence er den afgørende funktion (pdf)
Unified communications presence er den afgørende funktion (pdf)Unified communications presence er den afgørende funktion (pdf)
Unified communications presence er den afgørende funktion (pdf)
 
The Woo themes story - by Adriaan Pienaar
The Woo themes story - by Adriaan PienaarThe Woo themes story - by Adriaan Pienaar
The Woo themes story - by Adriaan Pienaar
 
Data Loss Prevention Danmark
Data Loss Prevention DanmarkData Loss Prevention Danmark
Data Loss Prevention Danmark
 
Rarely Seen Shuttle Activities
Rarely Seen Shuttle ActivitiesRarely Seen Shuttle Activities
Rarely Seen Shuttle Activities
 
Na studia
Na studiaNa studia
Na studia
 
Czytam, więc wiem
Czytam, więc wiemCzytam, więc wiem
Czytam, więc wiem
 
Spam & Spyware Legal Study 2009
Spam & Spyware Legal Study 2009Spam & Spyware Legal Study 2009
Spam & Spyware Legal Study 2009
 
Rolniczy
RolniczyRolniczy
Rolniczy
 
Voddler and Copyright in the eu digital single market
Voddler and Copyright in the eu digital single marketVoddler and Copyright in the eu digital single market
Voddler and Copyright in the eu digital single market
 
Engineering the future
Engineering the futureEngineering the future
Engineering the future
 
Uma panorâmica de Veneza
Uma panorâmica de VenezaUma panorâmica de Veneza
Uma panorâmica de Veneza
 
Edukacja sierpien-2015-poranny
Edukacja sierpien-2015-porannyEdukacja sierpien-2015-poranny
Edukacja sierpien-2015-poranny
 
Student w Białymstoku
Student w BiałymstokuStudent w Białymstoku
Student w Białymstoku
 
Hannes van Rensburg
Hannes van RensburgHannes van Rensburg
Hannes van Rensburg
 
III edycja Czytam, więc wiem - oferta dla mecenasa
III edycja Czytam, więc wiem - oferta dla mecenasaIII edycja Czytam, więc wiem - oferta dla mecenasa
III edycja Czytam, więc wiem - oferta dla mecenasa
 
Giving up Gutenberg: Shaping the future of Internet publishing by shrugging o...
Giving up Gutenberg: Shaping the future of Internet publishing by shrugging o...Giving up Gutenberg: Shaping the future of Internet publishing by shrugging o...
Giving up Gutenberg: Shaping the future of Internet publishing by shrugging o...
 
Peter Flynn
Peter FlynnPeter Flynn
Peter Flynn
 
Sådan kommer du i gang med skyen (pdf)
Sådan kommer du i gang med skyen (pdf)Sådan kommer du i gang med skyen (pdf)
Sådan kommer du i gang med skyen (pdf)
 
Białystok 2010 - 2012
Białystok 2010 - 2012Białystok 2010 - 2012
Białystok 2010 - 2012
 

Similaire à State of Internet 1H 2008

Symantec Website Threat Report Part-1 2015
Symantec Website Threat Report Part-1 2015Symantec Website Threat Report Part-1 2015
Symantec Website Threat Report Part-1 2015RapidSSLOnline.com
 
The Critical Need to Secure the Web in Your Company
The Critical Need to Secure the Web in Your CompanyThe Critical Need to Secure the Web in Your Company
The Critical Need to Secure the Web in Your CompanyOsterman Research, Inc.
 
Invincea "The New Threat Vector"
Invincea "The New Threat Vector"Invincea "The New Threat Vector"
Invincea "The New Threat Vector"dogallama
 
Discovering the Value of Verifying Web Application Security Using IBM Rationa...
Discovering the Value of Verifying Web Application Security Using IBM Rationa...Discovering the Value of Verifying Web Application Security Using IBM Rationa...
Discovering the Value of Verifying Web Application Security Using IBM Rationa...Alan Kan
 
Web Security and Network Security
Web Security and Network SecurityWeb Security and Network Security
Web Security and Network Securitycrussell79
 
Today's malware aint what you think
Today's malware aint what you thinkToday's malware aint what you think
Today's malware aint what you thinkNathan Winters
 
5 network-security-threats
5 network-security-threats5 network-security-threats
5 network-security-threatsReadWrite
 
Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Erik Ginalick
 
DEVSECOPS_the_beginning.ppt
DEVSECOPS_the_beginning.pptDEVSECOPS_the_beginning.ppt
DEVSECOPS_the_beginning.pptschwarz10
 
Adjusting Your Security Controls: It’s the New Normal
Adjusting Your Security Controls: It’s the New NormalAdjusting Your Security Controls: It’s the New Normal
Adjusting Your Security Controls: It’s the New NormalPriyanka Aash
 
Spam and Phishing Report - Marzo 2010
Spam and Phishing Report - Marzo 2010Spam and Phishing Report - Marzo 2010
Spam and Phishing Report - Marzo 2010Symantec Italia
 
Updated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsUpdated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsBen Graybar
 
Secure by design and secure software development
Secure by design and secure software developmentSecure by design and secure software development
Secure by design and secure software developmentBill Ross
 
Cyber security and current trends
Cyber security and current trendsCyber security and current trends
Cyber security and current trendsShreedeep Rayamajhi
 
Web 2.0/Social Networks and Security
Web 2.0/Social Networks and SecurityWeb 2.0/Social Networks and Security
Web 2.0/Social Networks and Securitysherrymoon7121
 
Slidecast ppt
Slidecast pptSlidecast ppt
Slidecast pptxinygu
 
The Murky Waters of the Internet: Anatomy of Malvertising and Other e-Threats
The Murky Waters of the Internet: Anatomy of Malvertising and Other e-ThreatsThe Murky Waters of the Internet: Anatomy of Malvertising and Other e-Threats
The Murky Waters of the Internet: Anatomy of Malvertising and Other e-Threats- Mark - Fullbright
 
The Evolution of Phising Attacks
The Evolution of Phising AttacksThe Evolution of Phising Attacks
The Evolution of Phising AttacksBee_Ware
 
Webinar - Cyber Hygiene: Stay Clean at Work and at Home
Webinar - Cyber Hygiene: Stay Clean at Work and at HomeWebinar - Cyber Hygiene: Stay Clean at Work and at Home
Webinar - Cyber Hygiene: Stay Clean at Work and at HomeWPICPE
 

Similaire à State of Internet 1H 2008 (20)

Symantec Website Threat Report Part-1 2015
Symantec Website Threat Report Part-1 2015Symantec Website Threat Report Part-1 2015
Symantec Website Threat Report Part-1 2015
 
The Critical Need to Secure the Web in Your Company
The Critical Need to Secure the Web in Your CompanyThe Critical Need to Secure the Web in Your Company
The Critical Need to Secure the Web in Your Company
 
Invincea "The New Threat Vector"
Invincea "The New Threat Vector"Invincea "The New Threat Vector"
Invincea "The New Threat Vector"
 
The Dangers of Lapto
The Dangers of LaptoThe Dangers of Lapto
The Dangers of Lapto
 
Discovering the Value of Verifying Web Application Security Using IBM Rationa...
Discovering the Value of Verifying Web Application Security Using IBM Rationa...Discovering the Value of Verifying Web Application Security Using IBM Rationa...
Discovering the Value of Verifying Web Application Security Using IBM Rationa...
 
Web Security and Network Security
Web Security and Network SecurityWeb Security and Network Security
Web Security and Network Security
 
Today's malware aint what you think
Today's malware aint what you thinkToday's malware aint what you think
Today's malware aint what you think
 
5 network-security-threats
5 network-security-threats5 network-security-threats
5 network-security-threats
 
Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112
 
DEVSECOPS_the_beginning.ppt
DEVSECOPS_the_beginning.pptDEVSECOPS_the_beginning.ppt
DEVSECOPS_the_beginning.ppt
 
Adjusting Your Security Controls: It’s the New Normal
Adjusting Your Security Controls: It’s the New NormalAdjusting Your Security Controls: It’s the New Normal
Adjusting Your Security Controls: It’s the New Normal
 
Spam and Phishing Report - Marzo 2010
Spam and Phishing Report - Marzo 2010Spam and Phishing Report - Marzo 2010
Spam and Phishing Report - Marzo 2010
 
Updated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsUpdated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools Tactics
 
Secure by design and secure software development
Secure by design and secure software developmentSecure by design and secure software development
Secure by design and secure software development
 
Cyber security and current trends
Cyber security and current trendsCyber security and current trends
Cyber security and current trends
 
Web 2.0/Social Networks and Security
Web 2.0/Social Networks and SecurityWeb 2.0/Social Networks and Security
Web 2.0/Social Networks and Security
 
Slidecast ppt
Slidecast pptSlidecast ppt
Slidecast ppt
 
The Murky Waters of the Internet: Anatomy of Malvertising and Other e-Threats
The Murky Waters of the Internet: Anatomy of Malvertising and Other e-ThreatsThe Murky Waters of the Internet: Anatomy of Malvertising and Other e-Threats
The Murky Waters of the Internet: Anatomy of Malvertising and Other e-Threats
 
The Evolution of Phising Attacks
The Evolution of Phising AttacksThe Evolution of Phising Attacks
The Evolution of Phising Attacks
 
Webinar - Cyber Hygiene: Stay Clean at Work and at Home
Webinar - Cyber Hygiene: Stay Clean at Work and at HomeWebinar - Cyber Hygiene: Stay Clean at Work and at Home
Webinar - Cyber Hygiene: Stay Clean at Work and at Home
 

Plus de Kim Jensen

Forcepoint Whitepaper 2016 Security Predictions
Forcepoint Whitepaper 2016 Security PredictionsForcepoint Whitepaper 2016 Security Predictions
Forcepoint Whitepaper 2016 Security PredictionsKim Jensen
 
OpenDNS presenter pack
OpenDNS presenter packOpenDNS presenter pack
OpenDNS presenter packKim Jensen
 
Infoworld deep dive - Mobile Security2015 updated
Infoworld deep dive - Mobile Security2015 updatedInfoworld deep dive - Mobile Security2015 updated
Infoworld deep dive - Mobile Security2015 updatedKim Jensen
 
Hewlett-Packard Enterprise- State of Security Operations 2015
Hewlett-Packard Enterprise- State of Security Operations 2015Hewlett-Packard Enterprise- State of Security Operations 2015
Hewlett-Packard Enterprise- State of Security Operations 2015Kim Jensen
 
5 things needed to know migrating Windows Server 2003
5 things needed to know migrating Windows Server 20035 things needed to know migrating Windows Server 2003
5 things needed to know migrating Windows Server 2003Kim Jensen
 
Secunia Vulnerability Review 2014
Secunia Vulnerability Review 2014Secunia Vulnerability Review 2014
Secunia Vulnerability Review 2014Kim Jensen
 
Cisco 2013 Annual Security Report
Cisco 2013 Annual Security ReportCisco 2013 Annual Security Report
Cisco 2013 Annual Security ReportKim Jensen
 
Security Survey 2013 UK
Security Survey 2013 UKSecurity Survey 2013 UK
Security Survey 2013 UKKim Jensen
 
Miercom Security Effectiveness Test Report
Miercom Security Effectiveness Test Report Miercom Security Effectiveness Test Report
Miercom Security Effectiveness Test Report Kim Jensen
 
DK Cert Trend Rapport 2012
DK Cert Trend Rapport 2012DK Cert Trend Rapport 2012
DK Cert Trend Rapport 2012Kim Jensen
 
Bliv klar til cloud med Citrix Netscaler (pdf)
Bliv klar til cloud med Citrix Netscaler (pdf)Bliv klar til cloud med Citrix Netscaler (pdf)
Bliv klar til cloud med Citrix Netscaler (pdf)Kim Jensen
 
Data Breach Investigations Report 2012
Data Breach Investigations Report 2012Data Breach Investigations Report 2012
Data Breach Investigations Report 2012Kim Jensen
 
State of Web Q3 2011
State of Web Q3 2011State of Web Q3 2011
State of Web Q3 2011Kim Jensen
 
Wave mobile collaboration Q3 2011
Wave mobile collaboration Q3 2011Wave mobile collaboration Q3 2011
Wave mobile collaboration Q3 2011Kim Jensen
 
Corporate Web Security
Corporate Web SecurityCorporate Web Security
Corporate Web SecurityKim Jensen
 
Cloud security Deep Dive 2011
Cloud security Deep Dive 2011Cloud security Deep Dive 2011
Cloud security Deep Dive 2011Kim Jensen
 
Cloud rambøll mgmt - briefing d. 28. januar 2011
Cloud rambøll mgmt - briefing d. 28. januar 2011Cloud rambøll mgmt - briefing d. 28. januar 2011
Cloud rambøll mgmt - briefing d. 28. januar 2011Kim Jensen
 
Cloud security deep dive infoworld jan 2011
Cloud security deep dive infoworld jan 2011Cloud security deep dive infoworld jan 2011
Cloud security deep dive infoworld jan 2011Kim Jensen
 
Cloud services deep dive infoworld july 2010
Cloud services deep dive infoworld july 2010Cloud services deep dive infoworld july 2010
Cloud services deep dive infoworld july 2010Kim Jensen
 
Unified communication by hp
Unified communication by hpUnified communication by hp
Unified communication by hpKim Jensen
 

Plus de Kim Jensen (20)

Forcepoint Whitepaper 2016 Security Predictions
Forcepoint Whitepaper 2016 Security PredictionsForcepoint Whitepaper 2016 Security Predictions
Forcepoint Whitepaper 2016 Security Predictions
 
OpenDNS presenter pack
OpenDNS presenter packOpenDNS presenter pack
OpenDNS presenter pack
 
Infoworld deep dive - Mobile Security2015 updated
Infoworld deep dive - Mobile Security2015 updatedInfoworld deep dive - Mobile Security2015 updated
Infoworld deep dive - Mobile Security2015 updated
 
Hewlett-Packard Enterprise- State of Security Operations 2015
Hewlett-Packard Enterprise- State of Security Operations 2015Hewlett-Packard Enterprise- State of Security Operations 2015
Hewlett-Packard Enterprise- State of Security Operations 2015
 
5 things needed to know migrating Windows Server 2003
5 things needed to know migrating Windows Server 20035 things needed to know migrating Windows Server 2003
5 things needed to know migrating Windows Server 2003
 
Secunia Vulnerability Review 2014
Secunia Vulnerability Review 2014Secunia Vulnerability Review 2014
Secunia Vulnerability Review 2014
 
Cisco 2013 Annual Security Report
Cisco 2013 Annual Security ReportCisco 2013 Annual Security Report
Cisco 2013 Annual Security Report
 
Security Survey 2013 UK
Security Survey 2013 UKSecurity Survey 2013 UK
Security Survey 2013 UK
 
Miercom Security Effectiveness Test Report
Miercom Security Effectiveness Test Report Miercom Security Effectiveness Test Report
Miercom Security Effectiveness Test Report
 
DK Cert Trend Rapport 2012
DK Cert Trend Rapport 2012DK Cert Trend Rapport 2012
DK Cert Trend Rapport 2012
 
Bliv klar til cloud med Citrix Netscaler (pdf)
Bliv klar til cloud med Citrix Netscaler (pdf)Bliv klar til cloud med Citrix Netscaler (pdf)
Bliv klar til cloud med Citrix Netscaler (pdf)
 
Data Breach Investigations Report 2012
Data Breach Investigations Report 2012Data Breach Investigations Report 2012
Data Breach Investigations Report 2012
 
State of Web Q3 2011
State of Web Q3 2011State of Web Q3 2011
State of Web Q3 2011
 
Wave mobile collaboration Q3 2011
Wave mobile collaboration Q3 2011Wave mobile collaboration Q3 2011
Wave mobile collaboration Q3 2011
 
Corporate Web Security
Corporate Web SecurityCorporate Web Security
Corporate Web Security
 
Cloud security Deep Dive 2011
Cloud security Deep Dive 2011Cloud security Deep Dive 2011
Cloud security Deep Dive 2011
 
Cloud rambøll mgmt - briefing d. 28. januar 2011
Cloud rambøll mgmt - briefing d. 28. januar 2011Cloud rambøll mgmt - briefing d. 28. januar 2011
Cloud rambøll mgmt - briefing d. 28. januar 2011
 
Cloud security deep dive infoworld jan 2011
Cloud security deep dive infoworld jan 2011Cloud security deep dive infoworld jan 2011
Cloud security deep dive infoworld jan 2011
 
Cloud services deep dive infoworld july 2010
Cloud services deep dive infoworld july 2010Cloud services deep dive infoworld july 2010
Cloud services deep dive infoworld july 2010
 
Unified communication by hp
Unified communication by hpUnified communication by hp
Unified communication by hp
 

Dernier

Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfOverkill Security
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 

Dernier (20)

Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 

State of Internet 1H 2008

  • 1. Websense security Labs™ state of internet security Q1 – Q2, 2008
  • 2. Websense security Labs™: state of internet security, Q1 – Q2, 2008 Websense® security Labs uses the patent-pending Websense threatseeker™ network to discover, clas- sify and monitor global internet threats and trends. featuring the world’s first internet HoneyGrid™, the system uses hundreds of technologies including honeyclients, honeypots, reputation systems, machine learning and advanced grid computing systems to parse through more than one billion pieces of content daily, searching for security threats. every hour, it scans more than 40 million Web sites for malicious code and scans nearly ten million emails for unwanted content and malicious code. using more than 50 million real-time data collecting systems, the Websense threatseeker network monitors and classifies Web, messaging, and data content—providing Websense with unparalleled visibility into the state of content on the internet and email. this report summarizes the significant findings of Websense researchers using the threatseeker net- work during the six-month period ending in June, 2008. Websense ThreatSeeker Network Research Highlights, Q1 – Q2 2008 Web Security • 75 percent of Web sites with malicious code are legitimate sites that have been compro- mised. this represents an almost 50 percent increase over the previous six-month period. • 60 percent of the top 100 most popular Web sites have either hosted or been involved in malicious activity in the first half of 2008. • 12 percent of Web sites infected with malicious code were created using Web malware ex- ploitation kits, a decrease of 33 percent since December 2007. Websense researchers believe this decrease may be attributed to attackers launching more customized attacks to avoid signature detection by security measures. Messaging Security • 87 percent of email messages are spam. this percentage remains the same as the second half of 2007. • 76.5 percent of all emails in circulation contained links to spam sites and/or malicious Web sites. this represents an 18 percent increase over the previous six-month period. • 85 percent of unwanted (spam or malicious) emails contain a link. • Pornography-related spam decreased by more than 70 percent and is no longer the most popular topic for spam. shopping (20 percent), cosmetics (19 percent), and Medical (11 per- cent) represent the majority of today’s spam. • 9 percent of spam messages are phishing attacks, representing a 47 percent increase over the last six months. Data Security • 29 percent of malicious Web attacks included data-stealing code. • 46 percent of data-stealing attacks are conducted over the Web. 1 Source: Alexa (www.alexa.com) data on Web traffic for top 100 Web sites 1
  • 3. Websense security Labs™: state of internet security, Q1 – Q2, 2008 With data-stealing Web and email attacks on the rise, Websense security Labs is tracking where data is being sent. Of the 46.37 percent of malware that connects via the Web: • 57.3 percent of malware connects to united states of america • 6.19 percent of malware connects to china • 5.5 percent of malware connects to canada • 4.27 percent of malware connects to russia • 4.11 percent of malware connects to brazil • 22.63 percent of malware connects to other countries Cybercriminals Increase Attacks on Web Sites with “Good” Reputations During the first half of 2008, the volume of legitimate Web sites compromised with malicious code con- tinued to surpass the number of sites created by attackers specifically for malicious purposes. in the first half of 2008 more than 75 percent of the Web sites Websense classified as malicious were actually sites with seemingly “good” reputations that had been compromised by attackers. this represents a 50 percent increase over the last six months. The Webscape Demonstrates Web 2.0 Sites Are a Fresh Target Websense security Labs classifies the Webscape into four general sections. the top 100 most visited Web properties tend to be classified as social networking or search sites such as search engines. the next 10,000 most visited sites are primarily current event and news sites and, down the “long tail” of the internet, Web sites that are more regional and genre-focused. the growing tail end of the Webscape is comprised of personal sites like blogs, small business sites, and Web sites specifically set up for fraud and abuse. each area of the Webscape has its own unique security challenges, but the top 100 Web properties that encompass the largest amount of visitors is a growing target of attackers. research shows that attackers continue to focus their attention on the Web 2.0 elements of the evolving Web- scape, meaning that adaptive content classification and dynamic content scanning is now required to protect businesses and their information. below is a graphic of the Websense view of the Webscape: 2
  • 4. Websense security Labs™: state of internet security, Q1 – Q2, 2008 The top 100 most visited Web sites: • represent the majority of all Web page views, and are the most popular target for attackers. With their large user base, good reputations and support of Web 2.0 applications, these sites provide malicious code authors with abundant opportunity. • Websense security Labs identified that 90 percent of the top 100 sites are categorized as social networking or search. • More than 45 percent of these sites support user-generated content. • 60 percent of these sites either hosted malicious content or contained a masked redirect to lure unsuspecting victims from legitimate sites to malicious sites. in many cases these redirects appear as the actual Web site, when in fact the content served on that page is being hosted elsewhere. Security Trends Tarnished Reputations continuing the trend identified by Websense in 2007, attackers continued to take advantage of flaws in traditional security measures and bypass reputation-based systems to increase attack effectiveness. In April of 2008, Websense Security Labs discovered massive attacks that compromised hundreds of thousands of legitimate Web sites with good reputations worldwide with data-stealing malicious code. this attack included sites from Msnbc, ZDnet, Wired, the united nations, a large uK government site, and more. in this attack, when a user’s browser opened one of the thousands of compromised sites, a carefully crafted iframe HtML tag redirected users to a malicious site rife with exploits. as a result, mali- cious code, designed to steal confidential information, was launched on vulnerable machines. in addition to Web exploits, email spammers are also taking advantage of the reputation of popular email services like yahoo! and Gmail to bypass antispam systems. During the first half of 2008, Websense Security Labs found spammers using sophisticated tools and bots to break the “CAPTCHA -” systems that were developed to keep email and other services safe from spammers and other ma- licious activity. Microsoft Live Mail, Google’s popular Gmail service and yahoo! mail services were all compromised by this breakthrough method. subsequently, spammers have been able to sign up for the free email accounts on a mass basis and send out spam from email accounts with good reputations. With a free sign- up process, access to a wide portfolio of services and domains that are unlikely to be blacklisted given their reputation, spammers have been able to launch attacks on millions of users worldwide while maintaining anonymity. Attackers Are Changing the Game with Web 2.0 as more organizations and their employees are adopting Web 2.0 technologies for legitimate business reasons, users are given privileges such as directly editing Web content or uploading files—potentially causing more security issues as many organizations lack the adequate security technologies and practic- es to enable safe Web 2.0 use. the increase in Web 2.0 applications has allowed hackers to target users and businesses using mash-ups, unattended code injection, and other tactics providing yet another level of complexity for organizations and users that want to prevent data loss and malicious attacks. Websense has found that the content of a single Web page may be comprised from multiple locations including a variety of disparate sources. the danger is that users typically associate the content they are viewing from the urL in the address bar, not the actual content source. the urL is no longer an ac- curate representation of the source content from the Web page. as such, organizations that enable their employees to view Web 2.0 technologies like iGoogle Web portals or social networking sites, wikis, and blogs, need real-time Web security protection to protect their employees and their essential information. 2 CAPTCHA Definition: Completely Automated Public Turing test to tell Computers and Humans Apart 3
  • 5. Websense security Labs™: state of internet security, Q1 – Q2, 2008 Malware masquerading as Web ads proved to be a popular means for hackers to distribute malicious content onto high-profile sites during the first half of the year. Websense security Labs identified several instances where malicious banners ran on high-traffic, high-reputation sites such as Myspace, excite.com, yahoo! Mail and Perl.com to increase chances of exploiting a larger audience. Myspace un- knowingly ran banners that pushed nefarious malware to unsuspecting users. With excite.com, attackers used the notion of “transitive trust” to exploit the faith the user placed with the Web site. trusting users didn’t realize that the execut- able they were downloading came from embedded, malicious banners, and not from excite.com. antivirus vendors failed to identify many of these attacks. The Web Remains the Number One Attack Vector as internet users increase, the Web attack vector continues to grow. Web servers are increasingly com- promised through persistent cross-site scripting (Xss) and sQL injection as well as Dns cache poisoning attacks. in June of 2008, Websense security Labs received reports that the official Web sites of icann and iana Domains were hijacked by a turkish group called “netDevilz” using Dns cache poisoning. over the last six months, Websense security Labs has tracked hackers using toolkits to search for Web sites vulnerable to sQL injection attacks. attackers target hosts with both a high profile and strong repu- tation, to maximize the number of visitors once the site has been compromised. in addition, client-based threats have increased with popular Web 2.0 components such as facebook’s “secret crush” applica- tion, which is actually ad-serving software, as well as multi-media applications that contain exploits such as Quicktime and flash. below are the top ten Web attack vectors over the last six months. Top 10 Web Attack Vectors in 1st Half of 2008: 1. browser vulnerabilities 2. adobe flash vulnerabilities 3. activeX vulnerabilities 4. sQL injection 5. adobe acrobat reader vulnerabilities 6. content management systems (cMs) vulnerabilities 7. apple Quicktime vulnerabilities 8. Malicious Web 2.0 components (e.g. facebook applications, third-party widgets/gadgets, banner ads etc) 9. realPlayer vulnerabilities 10. Dns cache poisoning 4
  • 6. Websense security Labs™: state of internet security, Q1 – Q2, 2008 Metrics Websense security Labs tracks the following metrics to identify details about Web and email-based at- tacks against data and businesses. Top Countries Hosting Phishing Sites (Jan 08 – Jun 08) the pie graphs below demonstrate the top three countries, by month, with the highest number of phishing attacks. Phishing attacks have been trending down over the last six months; this is in contrast to the same six months a year ago. 5
  • 7. Websense security Labs™: state of internet security, Q1 – Q2, 2008 Top Countries Hosting Crimeware (Jan 08 – June 08) the pie graphs below demonstrate the top 3 countries by month hosting crimeware, a class of malware designed specifically to automate financial crime. over the last six months, the majority of malware was hosted in the united states and china. 6
  • 8. Websense security Labs™: state of internet security, Q1 – Q2, 2008 From Discovery to Patch: Window of Vulnerability Websense security supplements outdated antivirus and firewalls by seeking out threats before custom- ers are infected and provides protection within minutes of discovery—before patches and signatures are available. the chart below shows the window of exposure between threat detection by Websense threatseeker network and the release of the patch by antivirus software providers. the dates below represent the time it took for the antivirus vendors to publish a signature for the malicious threats Web- sense detected. Blended Threats the convergence of Web and email threats—or “blended threats”—continues to increase. Websense security Labs reports that now more than 76.5 percent of all emails in circulation during this period con- tained links to spam sites and/or malicious Web sites. this represents a substantial 18 percent increase since December 2007. examples of blended threats are the “Storm” attacks. the storm attack authors have launched some of the most prolific attacks of the last few years. storm is a perfect example of a blended threat that uses multiple attack vectors including DDos, Web, Peer-to-Peer (P2P), encryption, and malware distribu- tion. Websense security Labs has been tracing the storm worm since early 2007 when the first wave of the storm worm erupted in the wild. antivirus vendors have struggled to keep up with this widespread attack. storm lures are presented as short, simple emails, enticing the victim to click preferred links and download a malicious file. Lures range from holidays like the fourth of July, natural disasters like the earthquakes in china and most recently, popular events like the olympics. these targeted spam cam- paigns represent one of largest professional botnets in the internet’s history. storm’s use of advanced polymorphism (or constantly changing attributes) makes it difficult for traditional security technology to detect. 7
  • 9. Websense security Labs™: state of internet security, Q1 – Q2, 2008 Spam Types in the past six months Websense security Labs has seen spammers move away from distributing spam through attachments, preferring instead to distribute urLs to spam-hosting and distribution sites. ad- ditionally, Websense noticed a reduction in image spam from 32 percent in December of 2007 to 18 percent in June 2008. over the last six months, the global number of messages containing viruses is low in comparison to the number of messages classified as spam. However, the virus activity is steadily increasing, representing a 500 percent increase since December of 2007. the percentage of email messages flagged as spam remains static at 87 percent with a zero-percent change over the last six months. 8
  • 10. Websense security Labs™: state of internet security, Q1 – Q2, 2008 over the last six-months, the volume of pornographic spam, decreased more than 70 percent while shopping increased by almost 80 percent. the reason for the swap may be related to the fact that spam- mers are getting more sophisticated. they are using social networking sites to learn more about their victims and using targeted campaigns to increase their attack conversion rates. the three most popular topics for spam are now shopping (20 percent), cosmetics (19 percent) and medical (11 percent.) as shown in bar chart below, Websense security Labs classifies spam into the following 15 categories: Websense Security Labs Firsts the following list highlights a few of the major attacks successfully identified by Websense security Labs during the first half of 2008. Spammers streamline anti-CAPTCHA operations on Microsoft Windows Live Mail and Gmail Attack Date: 02/06/08 Attack Details: Websense security Labs, with its threatseeker network, discovered that Windows Live Mail accounts, a free Web mail service from Microsoft, was being targeted by spammers using a new sophisticated technique to create thousands of Windows Live email addresses by cracking the caPtcHa protection designed to prevent the creation of fraudulent accounts. using a bot network, spammers established a connection to the registration page of the Microsoft-owned mail service and were able to bypass the caPtcHa requirement 35 percent of the time. free email services from Microsoft, yahoo! and Google are rarely blocked by anti-spam filters, making accounts from these services highly profitable and valued by spammers. in addition, Websense security Labs discovered that Google’s popular Web mail service, Gmail, was being targeted by spammers to create bots that are capable of signing up and creating random Gmail accounts for nefarious purposes. Websense researchers believe that the same group is involved in breaking the Microsoft Windows Live Mail caPtcHa break as well as the Gmail caPtcHa break. Websense Security Labs researchers believe there are four main advantages to this approach: • signing up for an account with Google or Microsoft allows access to its wide portfolio of services. • Google or Microsoft’s domains are unlikely to be blacklisted by anti-spam filters. • these services are free. • it’s difficult to identify illegitimate accounts as millions of users worldwide are using various Google services on a regular basis. this provides spammers with a layer of anonymity, making it harder to detect and track their actions. 9
  • 11. Websense security Labs™: state of internet security, Q1 – Q2, 2008 Economic Stimulus Phish Attack Date: 05/16/2008 Threat Attack Details: eager recipients of the internal revenue service economic-stimulus checks were taken for more than they bargained for with a phishing scheme. Websense security Labs with its threatseeker network dis- covered a phishing attack that aimed to steal tax-payer’s sensitive information, dubbed the “economic stimulus Phish”. the attackers sent out an email to potential victims that provided a quick explanation of the recent economic-stimulus package and encouraged them to sign up for direct deposit by clicking on a link before May 17. it warned that if the recipient didn’t respond in time, their refund would be delayed. users that unsuspectingly clicked on the “tax refund online form” were asked for personal information such as their name, address, credit card, atM pin number, bank name, and social security number. Websense first to discover and protect against Microsoft Excel vulnerability Published March, 2008 (Identified in November 2007) Vulnerability Details: Websense security Labs with its threatseeker network discovered an un-patched, high-risk vulnerability (cert# Ms08-014) in Microsoft excel in november 2007. Microsoft recognized Websense for the find in March 2008 when a patch was issued. the vulnerability allowed code execution within an excel docu- ment without the knowledge of the user. Websense vigilantly watches for exploits of this vulnerability to protect organizations and their essential information from unnecessary threats. Websense will automati- cally block malicious code before it can infect an organization’s computers. 10
  • 12. Websense security Labs™: state of internet security, Q1 – Q2, 2008 A Look Forward & Summary During the first half of 2008 as predicted, the number of compromised Web sites continued to grow and surpass the number of created malicious sites. Websense researchers expect this trend to continue as hackers become more sophisticated and continue to leverage the “good” reputations of Web sites to evade traditional security measures. Websense researchers believe organizations should prepare for continuing challenges in during the second half of 2008 and encourages security managers to shift their protection emphasis from guard- ing against inbound attacks at the infrastructure level—a model suited to perimeter boundaries and the internet as a simple content resource—to guarding essential information against blended threats and accidental or malicious loss, in tune with Web 2.0 and the internet as a business platform. Hackers will continue to get creative and leverage user-created content and Web 2.0 applications to cre- ate even bigger security concerns for organizations. researchers expect attackers to see a rise in special interest attacks – targeting specific groups of people based on interests and profiles. With an increase in spam and “talk back” sections of new sites, new active media, Web modules, scripting and social net- works, organizations will need to ensure their Web, messaging and data security programs are adequate to plug the holes and curb the new avenues hackers exploit to spread malicious code for financial gain. to ensure risk mitigation keeps in step with the threat climate, enterprises must rethink their approaches to Web, messaging, and data security. instead of thinking about technologies, organizations must think about data. How is it used? Who is using it? Where and when is it safe to use? Who can receive it? Which channels can safely send it? a silo-based approach to e-mail and Web filtering will not provide the necessary protection against blended threats. organizations should move towards a comprehensive data centric of security that includes not only Web and messaging security, but also data security to prevent information loss across all channels. this data-centric view means that, rather than investing in protection silos with limited coverage, enter- prises will mesh defenses across technologies, communication channels, and applications focused on protecting data. this integration increases the accuracy of detection and the quality of response. More than just proactive enforcement, this integration provides appropriate protection, because it allows the use of context to understand legitimate business uses and adapt responses. by protecting sensitive data, the essential information of each business, organizations can both embrace and defend the internet business platform. the information and predictions contained within this report are based on analysis of current attack trends, cybercriminal techniques and threat intelligence gathered by researchers with Websense threat- seeker network, Websense Hosted Web security and Websense Hosted email security. 11
  • 13. Websense security Labs™: state of internet security, Q1 – Q2, 2008 About Websense Websense, inc. (nasDaQ: Wbsn), a global leader in integrated Web, messaging and data protection technologies, provides essential information Protection™ for more than 42 million employees at more than 50,000 organizations worldwide. Distributed through its global network of channel partners, Web- sense software and hosted security solutions help organizations block malicious code prevent the loss of confidential information and enforce internet use and security policies. Websense Security Labs Websense security Labs is the security research arm of Websense, inc. that discovers, investigates and reports on advanced internet threats. unlike other research labs, Websense has an unparalleled knowl- edge of malware and where it resides on the Web. this allows Websense to detect and block new threats that traditional security research methods miss, enabling organizations to protect sensitive content from theft, compromise, or inappropriate use. recognized as a world leader in security research, Websense security Labs publishes findings to hundreds of security partners, vendors and other organizations around the world and provides security metrics to the anti-Phishing Working Group. Websense Security Labs – a Pioneer in Emerging Threat Protection • unparalleled visibility and discovery on a massive scale • real-time adaptive ability to respond to trends and threats in a Web 2.0 world • Powered by a unified world-class research team • Many first discoveries, including the unpatched, high-risk Microsoft excel vulnerability (March 2008) • first to market with phishing protection • first to market with drive-by and backchannel spyware protection • first to market with bot network protection • first to market with crimeware/keylogger protection Security Alerts register with Websense security Labs to receive free security warnings about malicious internet events, including spyware, spam, phishing, pharming, and corrupted Web sites. http://www.Websense.com/securitylabs/alerts/ Blog Highlights the Websense security Labs blog delivers the most current information and breaking news about se- curity research topics and today’s advanced internet threats. Websense security Labs investigates and publishes information about outbreaks, new threats, and other relevant Web security topics to protect organizations from increasingly dangerous internet threats. for more information, check out our blog: http://www.websense.com/securitylabs/blog 12 © 2008 Websense inc. all rights reserved. Websense and Websense enterprise are registered trademarks of Websense, inc. in the united states and certain international markets. Websense has numerous other unregistered trademarks in the united states and internationally. all other trademarks are the property of their respective owners. 07/24/.08