The Common Vulnerabilities and Exposures (CVE) system reported about 9,400 new vulnerabilities, with two-thirds of them involving networks.
Of 1.7 trillion attacks made against intrusion prevention systems, 37 million of them were unique. That’s a 100% increase from 2013.
The Nuclear, Angler and Magnitude exploit kits together form almost 90% of the “in the wild” exploit kits. The Angler exploit kit is the most prevalent—accounting for approximately 60% of all exploit kits.
Dell puts the number of malware attacks at 4.2 billion. Dell also reports 88 trillion hits for application traffic and 45 billion hits for post-infection malware activity.
Dell SonicWALL created 13 POS malware signatures in 2014, compared with just three signatures in 2013, a 333% increase in the number of new POS malware countermeasures developed and deployed.
In 2014, Dell saw a twofold increase in SCADA (supervisory control and data acquisition) attacks, compared with 2013. Buffer-flow vulnerabilities continue to be the primary vehicle of attack.
The Heartbleed buffer over-read vulnerability, disclosed in April 2014, potentially affected about 17% (about 500,000) of the secure Web servers on the Internet.
Well-known zero-day vulnerabilities were released, with Shellshock vulnerabilities exploited by attackers within hours of the initial disclosure on Sept. 24, 2014. Within a week, millions of attacks and probes per day were observed.
Dell saw a 109% increase in the volume of HTTPS Web connections from the start of 2014 to the start of 2015. Trouble is, hackers are starting to hide malware by embedding it in encrypted connections.