M86 Security released it’s bi-annual security report for the first half of 2010 on Jul 14, 2010 with one good news and one bad news. The good news is traditional online attacks are becoming less effective, the bad one is, attackers are finding new ways to combine these attacks in unexpected ways to continue punching malicious code through corporate firewalls.
"Traditional methods such as spambots and dynamic code obfuscation are still very much in use. However the first half of 2010 has also seen the emergence of new advanced methods as seen in the new combined attacks,"
The most common attack scenario, is as follows:
From the report:
(The most popular spam category)
During the first half of 2010, anonymized feedback from M86 filtering installations showed most observed threats were based on the following vulnerabilities:
From above list we can know, Adobe VS. MS, Adobe is the winner.
Other Key findings include:
- Most exploits were first reported more than a year ago and have been addressed by the software vendors, highlighting the need to keep software updated with the latest versions and patches.
- Advanced Persistent Threat attacks made headlines after being used against commercial organizations such as Google and Adobe.
- More Java-based vulnerabilities have been actively exploited, reflecting the exploits’ high "success rate" for attackers.
- Mass Website infections continue to be a huge problem, as attackers use botnet malware, such as Asprox, to carry out automated mass attacks.
- Anti-detection techniques proliferated as cybercriminals aim to stay under the radar as long as possible.
- Email is still a major attack vector, with botnets spamming out both malicious attachments, and blended threat campaigns that drive users to infected Websites.
- Total spam output remains extremely high, as the major spamming botnet operations continue to operate largely unimpeded. Just five botnets are responsible for 75% of all spam.
- Spam promoting pharmaceuticals constitutes 80% of all spam, reflecting the attractiveness of major spam affiliate programs such as Canadian Pharmacy.
- Spammers are using more diverse tactics, including malicious PDF attachments and HTML attachments that load malicious code.
- The controversy over Facebook privacy underscores the need to review privacy on these networks, as they are areas ripe for abuse.
Adobe has faced a number of challenges in the area of security during the past year, Microsoft has started working on IE 9, then what should Adobe do next?
About M86 Security
M86 Security is the global expert in real-time threat protection and the industry’s leading Secure Web Gateway provider. The company’s appliance, software, and Software as a Service (SaaS) solutions for Web and email security protect more than 24,000 customers and over 17 million users worldwide.
M86 products use patented real-time code analysis and behavior-based malware detection technologies as well as threat intelligence from M86 Security Labs to protect networks against new and advanced threats, secure confidential information, and ensure regulatory compliance. The company is based in Orange, California with international headquarters in London and development centers in California, Israel, and New Zealand.