Symantec report that Cyber attacks target home users

RELATED NEWS Symantec named top security software vendor Symantec i(superscript:3) earns SAP certification Symantec establishes Executive Customer Advisory Council Symantec launches new IT policy compliance offering Symantec introduces Storage Foundation 5.0 Nifty BSE | NSE 31/05/12 Are Mutual Funds betting on Nifty?

Additional Key Findings

 

·    Vulnerabilities: Symantec documented 2,249 new vulnerabilities in the first half of 2006, an increase of 18 percent over the previous period and the highest volume of vulnerabilities recorded for any reporting period.

 

·    Window of Exposure and Time-to-Patch: The window of exposure for enterprise vendors and Web browsers was 28 days, down from 50 days in the previous period.  Microsoft Internet Explorer had an average window of exposure of nine days (down from 25), Apple Safari at five days (up from zero), Opera at two days (down from 18), and Mozilla at one day (up from negative two). For the first time, Symantec tracked the average time it takes operating system vendors to release a patch for a vulnerability.  Sun had the longest patch release time with 89 days followed by HP with 53 days.  Apple took an average of 37 days while Microsoft and Red Hat had the

lowest average patch release times with 13 days.

 

·    Misleading Applications: Three of the top 10 new security risks were misleading applications that give false or exaggerated reports of security threats on a user's system in order to persuade the user to pay money to upgrade to another version of the software that will "remove the threats"

that were found.

 

·    Denial-of-Service Attacks: The United States was the location of the most denial of service (DoS) targets, accounting for 54 percent of the worldwide total, and the Internet service provider (ISP) sector was the sector most targeted by DoS attacks. The United States also had the highest

percentage of bot command-and-control servers, with 42 percent of the total, while China had the highest number of bot-infected computers, with 20 percent of the worldwide total.

 

·    Future Threats: Among the trends Symantec expects to see in the future are a resurgence of polymorphism and other evasion techniques in Win32 malicious code; an increase in threats which exploit "Web 2.0" concepts such as user-based publishing and technologies like AJAX; security concerns associated with the release of Windows Vista; and an increase in the number

of vulnerabilities reported due to the use of fuzzers which are programs or scripts designed to find vulnerabilities in software code. 

 

Sourced From: 20 : 20 Media Pvt Ltd