فا

‫ Security threat report of Sophos in mid-year 2011

IRCRE201108076
Security threat report of Sophos in mid-year 2011
Date:2011-08-28
The security company Sophos has studied the security threats of the first half of 2011 in a report. The following report is briefing that.
1)Web Threats: A new threat every 4.5 seconds
Cybercriminals take advantage of our almost constant use of the web to launch malicious attacks. As a result, the web remains the biggest way cybercriminals distribute their malicious goods. During the first half of 2011, we saw an average of 19,000 new malicious URLs every day—that's one every 4.5 seconds.
Many computer users still don’t realize that something nasty can infect their computer when they visit a seemingly legitimate website. Yet more than 80% of the malicious URLs we found are legitimate websites hacked by cybercriminals. They achieve this by exploiting vulnerabilities in the software or by stealing access credentials from malware infected machines.

The U.S. still holds the top spot on the list of countries hosting malware, although the total percentage of malware hosted by the U.S. declined slightly during the first half of 2011, down 1.4 points from 39.39% in 2010. The Russian Federation now claims the number two spot, a position held by France last year.

Fake Antivirus: Security scams reap millions
In 2010, fake antivirus was one of the more persistent threats of the year. In the first half of 2011, fake antivirus remained a threat, and these attacks are now actively targeting Mac users.
Many fake antivirus scams still target Windows users, and we see Mac fake antivirus software spreading in greater numbers than ever before. In some cases, scammers infect Macs to automatically open pornographic websites periodically—as further incentive to have users purchase the so-called "fix."
SEO Poisoning: Gateway for malicious behavior
The search engine is our gateway to the webThat’s why cybercriminals manipulate search results from sites such as Google, Bing and Yahoo to lure victims to their malicious pages. Search engine optimization, or SEO, is a standard Internet marketing technique used by most companies to draw people to their sites. But it can also be abused. When the bad guys exploit SEO, it’s known as SEO poisoning, or Black Hat SEO.
Attackers use SEO poisoning techniques to rank their sites highly in search engine results and to redirect users to malicious sites.

Black Hat SEO attacks are extremely effective. A snapshot of the top malware we block on our customer web appliances shows that Black Hat SEO accounts for more than 30% of all detections.

2)Operating Systems (OS): Mac malware is now real

We ran a poll on the Sophos Facebook page asking folks if they would now recommend that friends and family install antivirus software on their Macs. Of the 968 people who answered the poll, 89% said yes.

Microsoft Windows: Malware targeting Windows XP still dominates

The most recent report, Microsoft’s tenth Security Intelligence Report, shows an increase in malware targeting Windows 7, which is now installed in about a quarter of all Windows computers. Although there was a drop-off in new malware targeting XP, used by about half of all Windows users, Windows XP malware still accounts for the majority of malware written for Windows to date.

3)Mobile: Mini computers in your pocket

A recent Sophos survey asked IT security professionals across multiple countries about mobile device use and access to corporate resources. Out of more than 240 responses, all but 6% said that they allow mobile devices to access corporate resources. Access for BlackBerry and Windows mobile phone OS ranked highest.

The survey also revealed that over 85% of organizations have already established an acceptable use policy (AUP) within their organizations, yet only 69% of these organizations have specific policies for company-owned mobile device users. And, this number further decreases when you consider policy for employee-owned mobile devices (31%).

4)Social Networking: Threats explode, so limit access to personal info
To see just how many security issues social networks pose, we recently conducted a social media poll that asked whether respondents’ organizations have encountered spam, phishing or malware incidents. Of the nearly 2,000 people polled, 71% reported that they, or one of their colleagues, had been spammed on a social networking site, 46% had been phished and 45% were sent malware. The remaining respondents were divided—some were not victims, others were unsure.

Our recent social networking poll also asked computer users which social network they felt posed the biggest security risk. Facebook is clearly seen as the biggest risk with 81% of the votes, a significant rise from the 60% who felt Facebook was the riskiest when we first asked the question a year ago. Twitter and MySpace each received 8% of the votes this year, and LinkedIn only 3%.

5)Email Spam and Spearphishing: Still a threat
A recent comScore report shows a whopping 59% decline in the use of email among 12- to 17-year olds, and a 34% decline for the 25 to 34 age bracket. Facebook, text messaging and Twitter have taken over as preferred communication methods for many.
As compared to 0.27% of email attachments containing threats in the first quarter of 2010, just 0.16% contained threats in the first quarter of 2011. Scammers now use more HTML attachments rather than just “.exe” executable files as vehicles to deliver malware.

The U.S. once again leads the field of spam-relaying countries, contributing approximately 13% of the world's spam traffic in the first half of 2011. India, Russia, South Korea and Brazil broke through the 6% barrier during the first six months of the year, with their massive online populations clearly lacking the protection needed to keep their systems free from spamming malware.

6)Removable Media: Beware of Windows Autorun
Between March and May of this year, there was a significant drop in the number of computers being infected by malware exploiting the Windows Autorun feature. Autorun infections dropped by 59% on XP machines and by 74% on computers running Windows Vista.

However, a recent study conducted by the U.S. Department of Homeland Security (DHS) discovered that the biggest risk from removable media might come from poor decision-making by users. According to a Bloomberg report, the DHS study found that government employees showed carelessness in using thumb drives and CDs.

References:
Security Threat Report, Mid-Year 2011, Sophos

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

مشخصات خبر

 
تاریخ ایجاد: 6 شهریور 1390

برچسب‌ها

امتیاز

امتیاز شما
تعداد امتیازها: 0