vents—Some of the bigger stories surrounding email and web threats over the past six months include malware campaigns leveraging the Boston Marathon bombings, the continuing rise of mobile malware, and DSD: a distraction technique used by cybercriminals as they’re emptying your bank accounts.
“If you notice a deluge of spam in your email inbox, it’s best not to try to monitor your email, but instead go directly to your account(s) activity because the people behind this spam blast have somehow obtained your personal account information and email address,” says Touchette. “In order to hide purchase receipt emails or balance transfer confirmation emails, the attackers, just before they make the illegal transactions, turn on this deluge of spam email in order for these very important emails to get lost in the flood.
As for server side vulnerabilities, some of the biggest exploits so far in 2013 have included cross-site scripting, cross-site request forgery, broken authentication systems, Ruby vulnerabilities, universal plug and play problems, and an Adobe issue with ColdFusion.
Metrics—In addition to the familiar data regarding email spam and viruses, this report includes some baseline data about web-based malware that AppRiver will track over the months ahead. As web-based malware and “drive-by downloads” become more widespread, this data will expose trends and patterns that can help improve security for users.
The Cyber World—This section of the report discusses major cybercrime arrests like that of Hamza Bendelladj for leading a major Zeus botnet, along with Hacktivism activities, and the evolution of cyber espionage from simple murmurings to mainstream conversation with attention-grabbing incidents such as Stuxnet, targeting a very specific system for enriching Uranium in a very specific location, not to mention the talk of cyber exchanges between the U.S. and China.
Link: http://www.heraldonline.com/2013/07/02/4994746/appriver-releases-mid-year-global.html