Business is thriving for exploits, mobile malware is still dominated by Android and Symbian, and botnets are back and retooled, according to a new threat report from F-Secure Labs. \u201cWe saw this especially in the second half of last year in the form of more standardization of vulnerability exploitation and the increased use of automated exploit kits.\u201d In the second half of the year, exploit-related detections accounted for 28 percent of all detections, with 68 percent of those related to vulnerabilities in Java.<\/p>\n","protected":false},"excerpt":{"rendered":"
The majority of exploits detected were related to four vulnerabilities (two Windows and two Java), most likely a result of the fact that today\u2019s popular exploit kits, BlackHole and Cool Exploit, include exploits for these vulnerabilities. All of these vulnerabilities were reported in the last two years and have already had security patches released by their vendors \u2013 a reminder of the importance of keeping software updated.<\/p>\n
\u201cCriminals in the malware system each handle their own little niches, their own little links in the chain,\u201d says Sean Sullivan, Security Advisor at F-Secure. <\/p>\n
Android malware accounted for 79 percent (238) of all new, unique mobile malware variants in 2012, a number that speaks to the platform\u2019s domination of the mobile market. <\/p>\n
\u201cOn the inside it\u2019s still the same malware family, but there can be a myriad of different ways to dress it up to try to disguise it…. At F-Secure, we have a more holistic understanding of the security landscape, that it cannot be dependent on merely one data point,\u201d says Sullivan. <\/p>\n
New business models like \u201crent-a-botnet\u201d schemes are flourishing, where cybercriminals rent a whole network of infected computers and use it to perform their attacks.<\/p>\n
Link: http:\/\/www.net-security.org\/virus_news.php?id=2399<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11],"tags":[],"class_list":["post-2261","post","type-post","status-publish","format-standard","hentry","category-trends"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2261","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=2261"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2261\/revisions"}],"predecessor-version":[{"id":4748,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2261\/revisions\/4748"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=2261"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=2261"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=2261"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}