IT security report

Law enforcement is becoming more effective, but new kits are always being developed. The number of exploit kits has dropped by 87% since the alleged creator of the widely popular Blackhole exploit kit was arrested last year.

Not every vulnerability translates into an actual exploit. Of the 2,528 vulnerability alerts published from January to June 2014, 28 were identified as being actively exploited.

With most attacks focused on applications, the rest of the IT environment often gets overlooked. Applications only account for 31% of the attacks; the rest are aimed elsewhere.

Nearly 94 percent of customer networks have traffic going to websites that host malware. Specifically, these networks issue Domain Name System (DNS) requests for host names that resolve to IP addresses reported to be associated with the distribution of the Palevo, SpyEye, and Zeus malware families, which incorporate man-in-the-browser (MiTB) functionality.

Few legitimate outbound connection attempts from enterprises should seek dynamic DNS (DDNS) domains. Nearly 70% of networks were identified as issuing DNS queries for DDNS. This is evidence that networks are being misused or compromised, with botnets using DDNS to change their IP addresses and avoid detection or blacklisting.
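A defender can look for this indicator in their own resolver logs. The following is an added example, not part of the report: it counts distinct DDNS host names queried per client, and the log format, the DDNS zone names and the threshold are all constructed assumptions.

```python
from collections import defaultdict

# Constructed placeholder zones; replace with the DDNS provider zones you track.
DDNS_ZONES = {"ddns-provider.example", "dyn-host.example"}

# Constructed sample resolver log: "<timestamp> <client_ip> <query_name>"
SAMPLE_LOG = """\
2014-06-01T10:00:01Z 10.0.0.5 www.intranet.example.
2014-06-01T10:00:02Z 10.0.0.7 a1b2.ddns-provider.example.
2014-06-01T10:00:09Z 10.0.0.7 c3d4.DDNS-Provider.example
2014-06-01T10:00:15Z 10.0.0.7 e5f6.dyn-host.example.
2014-06-01T10:00:20Z 10.0.0.9 cam.dyn-host.example.
2014-06-01T10:00:31Z 10.0.0.5 notddns-provider.example.
malformed line
"""

def ddns_zone(qname, zones=DDNS_ZONES):
    """Return the DDNS zone a query name falls under, or None.

    Matching is done on whole DNS labels, so 'notddns-provider.example'
    does not match 'ddns-provider.example'.
    """
    labels = qname.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None

def ddns_clients(log_text, min_names=2):
    """Map client IP -> sorted distinct DDNS names, for clients at or over min_names."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines instead of failing the whole run
        _, client, qname = parts
        if ddns_zone(qname):
            seen[client].add(qname.rstrip(".").lower())
    return {c: sorted(n) for c, n in seen.items() if len(n) >= min_names}

if __name__ == "__main__":
    for client, names in ddns_clients(SAMPLE_LOG).items():
        print(client, len(names), names)
```

Counting distinct names rather than raw queries keeps a single device that legitimately uses one DDNS host name from dominating the output.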

Hackers cover their tracks by exfiltrating data over encrypted channels to avoid detection. Nearly 44% of customer networks have been identified as issuing DNS requests for sites and domains with devices that provide encrypted channel services.

Security is one of the major reasons there has been a proliferation of programming language adoption. Java exploits rose to 93% of all indicators of compromise (as of May 2014).

After a decline last year, spam is back. Spam volumes have increased to the point that spam is now at its highest level since late 2010.

Hackers are looking for the latest, weakest link. Attacks aimed at WordPress sites and POS terminals, as well as social engineering tactics and “malvertising”, are all on the rise.

Hackers are shifting to where the intellectual property is. Media and publishing led the industry verticals, posting nearly four times the median Web malware encounters. The pharmaceutical and chemical industry is now second while aviation slid into third place.

The most affected verticals by region were media and publishing in the Americas; food and beverage in the EMEA (Europe, the Middle East and Africa) region; and insurance in APJC (Asia-Pacific, China, Japan and India).