Solutionary Research Reveals That 58 Percent of Vulnerabilities Targeted by Well-Known Exploit Kits Are Over Two Years Old; 70 Percent of Exploit Kits Originated in Russia
OMAHA, NE, Jan 22, 2013 (MARKETWIRE via COMTEX) --
Solutionary, the leading pure-play managed security services
provider (MSSP), announced today that its Security Engineering
Research Team (SERT) has released its Q4 SERT Quarterly Threat
Report. The report examines the threat landscape for the last quarter
of 2012 and focuses specifically on exploit kits and malware trends.
Research revealed that 58 percent of the vulnerabilities targeted by
the most popular exploit kits in Q4 were more than two years old,
that 70 percent of exploit kits reviewed were released or developed
in Russia, and that there was a reduced volume of Distributed Denial
of Service (DDoS) attack-related activity and a slight increase in
Web application and malware security incidences.
"The fact that cyber criminals are able to penetrate network defenses
by targeting aging vulnerabilities and using old techniques
demonstrates that many organizations are still playing catch-up when
it comes to cyber security. Tight budgets, inability to convince
stakeholders at all levels that security should be a priority, and a
shortage of research resources could be among the reasons why many
security and risk teams are continuing to operate in reactive mode,"
said Rob Kraus, SERT director of research. "By partnering with us,
our customers are able to cost-effectively leverage our research and
security expertise to drive security into the corporate priority
stack, significantly strengthen their cyber defenses, and stay a step
ahead of existing and emerging threats."
In reviewing 26 commonly used exploit kits, SERT identified exploit
code dating as far back as 2004, serving as evidence that old
vulnerabilities continue to prove fruitful for cyber criminals. The
fact that 58 percent of the vulnerabilities exploited are over two
years old further supports SERT findings that the number of newly
discovered and disclosed vulnerabilities has declined since 2010. The
Q4 report also revealed that BlackHole 2.0 was the most often used
exploit kit; that Phoenix 3.1 supports the most vulnerabilities,
approximately 9 percent; and that a large number of exploit kits have
been developed and distributed in Eastern Europe, with 70 percent
coming from Russia, followed by China and Brazil.
While DDoS attacks surprisingly decreased during Q4, SERT found that
Web application and malware security incidences increased 8 percent.
This signals that cyber criminals seem to be shifting from attacking
retail sites to directly targeting consumers with social-engineering
attacks, using subjects such as Hurricane Sandy to grab attention.
SERT research also revealed that anti-virus and anti-malware software
cannot detect 67 percent of malware being distributed and that 30
percent of the malware samples studied traced back to JavaScript
malware variants used for redirection, obfuscation and encryption,
all used in the BlackHole exploit kit. Furthermore, the Q4 report
showed that 18 percent of the malware samples studied by SERT were
directly attributed to BlackHole.
"Exploit kits largely focus on targeting end-user applications," said
Kraus. "As a result, it is vital that organizations pay close
attention to patch management and endpoint security controls in order
to significantly decrease the likelihood of compromise."
Key Findings
-- There was a 15 percent decrease in the volume of authentication
security, DDoS and reconnaissance incidences as observed through the
Solutionary ActiveGuard(R) MSSP platform.
-- 58 percent of the vulnerabilities targeted by the well-known exploit
kits reviewed are more than two years old, based on visibility into
publicly available exploit kits and qualitative analysis.
-- Nearly 70 percent of the exploit kits reviewed were released or
developed in Russia.
-- BlackHole 2.0 is the most often used exploit kit, but targets fewer
vulnerabilities than other kits.
-- Phoenix 3.1 supports roughly 9 percent of all vulnerabilities being
exploited.
-- 67 percent of malware is not detected by anti-virus or anti-malware
software.
-- 18 percent of the malware samples reviewed by SERT were directly
attributed to BlackHole.
To access a copy of the complete report, please visit:
http://www.solutionary.com/index/SERT/Quarterly-Threat-Reports/Q4-2012/index.php.
Visit our blog at http://blog.solutionary.com/.
Follow us on
Twitter.
About Solutionary
Solutionary is the leading pure-play managed
security services provider. Solutionary reduces the information
security and compliance burden, delivering flexible managed security
services that align with client goals, enhancing organizations'
existing security program, infrastructure and personnel. The
company's services are based on experienced security professionals,
global threat intelligence from the Solutionary Security Engineering
Research Team (SERT) and the patented, cloud-based ActiveGuard(R)
service platform. Solutionary works as an extension of clients'
internal teams, providing industry-leading customer service, patented
technology, thought leadership, years of innovation and proprietary
certifications that exceed industry standards. This client focus and
dedication to customer service enables Solutionary to boast one of
the highest client retention rates in the industry. Solutionary
provides 24/7 services to mid-market and global enterprise clients
through multiple security operations centers (SOCs) in North America.
For more information, visit www.solutionary.com.
Media Contact:
Angel Badagliacco
925-271-8216
SOURCE: Solutionary