http://www.websitemagazine.com/content/blogs/posts/archive/tags/malware+threats/default.aspxTags: malware threatsenCommunityServer 2008 SP2 (Build: 31104.93)http://www.websitemagazine.com/content/blogs/posts/archive/2009/08/17/web-hacking-and-malware.aspxMon, 17 Aug 2009 14:55:00 GMT1e469e21-c924-44fa-a132-47b5d0a8ad47:9574Pete Prestipino0http://www.websitemagazine.com/content/blogs/posts/rsscomments.aspx?PostID=9574http://www.websitemagazine.com/content/blogs/posts/archive/2009/08/17/web-hacking-and-malware.aspx#comments<hr /> <p><b> <a href="http://breach.com">Breach Security</a> announced a steep rise in attacks against social networking sites, according to the Web Hacking Incidents Database (WHID) 2009 Bi-Annual Report. <br /></b><br /> Social networking sites, accounting for 19 percent of hacking incidents, were the most targeted vertical market in the first half of 2009. Key findings from the WHID 2009 Bi-Annual Report include: <br /><br /> &bull; <i>Drivers for Web Hacking</i> &mdash; Defacement, which combines both planting of malware and standard overt changes, remains the most common outcome of web attacks (28%), while leakage of sensitive information is a close second (26%, up from 19% in 2008). Disinformation is a distant third (19%), mostly due to the hacking of celebrity online identities. <br /><br /> &bull; <i>Most Prevalent Attack Vectors</i> &mdash; SQL Injection remains the number one attack vector, accounting for nearly one-fifth of all security breaches (19%). Attack vectors exploiting Web 2.0 features such as user-contributed content were also commonly employed: authentication abuse was the second most active attack vector (11%), and Cross Site Request Forgery (CSRF) rose to number five with 5% of the reported attacks. <br /><br /> &bull; <i>Vertical Markets Under Attack</i> &mdash; Social networking sites emerged as the most targeted vertical market with 19% of the incidents, a dramatic increase from prior years when this sector was not represented, and displacing government/law enforcement from the number one spot in 2008. <br /><br /> &ldquo;The dramatic rise in attacks against social networking sites this year can primarily be attributed to attacks on popular new technologies like Twitter, where cross-site scripting and CSRF worms were unleashed,&rdquo; said Ryan Barnett, director of application security research for Breach Security. &ldquo;Looking back at 2008, a notable election year, government-related organizations were the top-ranked attack victims and have now dropped to number three. The WHID report demonstrates that hackers can be fickle, following popular culture and trends to achieve the most visible effect for their efforts, which means that companies must be vigilant in implementing web application systems and monitoring application activity.&rdquo; <br /><br /> The WHID project compiles and analyzes application-related security incidents, focusing exclusively on publicly reported web application security attacks that have an identified outcome. The WHID 2009 Bi-Annual report analyzed global security incidents that occurred from January 1 through July 31, 2009, a 30 percent increase in overall web attacks compared to 1H 2008.</p> <hr /> <p> <b>Looking to Accelerate Your Web Success?</b><br /><a href="http://www.websitemagazine.com/prosubscribe/"> Request a pro-level membership at WebsiteMagazine</a> </p> <hr /> <div style="clear:both;"></div><img src="http://www.websitemagazine.com/content/aggbug.aspx?PostID=9574" width="1" height="1">securityhackingmalware threats81709http://www.websitemagazine.com/content/blogs/posts/archive/2009/07/07/top-malware-threats-in-june-2009.aspxTue, 07 Jul 2009 16:16:00 GMT1e469e21-c924-44fa-a132-47b5d0a8ad47:9018Pete Prestipino0http://www.websitemagazine.com/content/blogs/posts/rsscomments.aspx?PostID=9018http://www.websitemagazine.com/content/blogs/posts/archive/2009/07/07/top-malware-threats-in-june-2009.aspx#comments<hr /> <p><b>Windows security software provider Sunbelt Software released a list of the most prevalent malware threats for the month of June 2009.</b><br /><br />Sunbelt Labs finds a surge in threat detections for the high risk threat Trojan-Spy.Win32.Zbot.gen, a family of password-stealing Trojan programs which is being distributed through SPAM (often as a file purporting to be an airline e-ticket, as a file attachment from &quot;United Parcel of America,&quot; and one claiming to be an e-payment notification of an order with Amazon.com. The Trojan injects code from remote sites that harvest confidential data off a user&#39;s system including cached passwords, login credentials for web sites such as online banking sites, as well as data in certificates and cookies.<br /><br />The following are the most prevalent spyware threats for the month of June. <br /><br />1. Trojan-Spy.Win32.Zbot.gen: 7.19%<br />2. Trojan.DNSChanger.Gen: 2.66%<br />3. Trojan-Downloader.Zlob.Media-Codec: 2.63%<br />4. Trojan.1: 2.62%<br />5. BehavesLike.Win32.Malware (v): 2.59%<br />6. Exploit.PDF-JS.Gen (v): 2.19%<br />7. PersonalAntivirus: 1.52%<br />8. INF.Autorun (v): 1.45%<br />9. Trojan-Spy.Win32.Pophot.gen: 1.40%<br />10. Win32.Cekar.E: 1.40% </p> <p>&nbsp;</p> <p><b>Stay up to date on important &#39;Net events like this and accelerate your Web Success!</b><br /><a href="http://www.websitemagazine.com/prosubscribe/">Request a professional-level subscription to Website Magazine</a>.</p> <div style="clear:both;"></div><img src="http://www.websitemagazine.com/content/aggbug.aspx?PostID=9018" width="1" height="1">malwaresunbelt softwaremalware threatssunbelt