Fortinet's Threatscape Report
Rise in Malicious Exploits
In-the-Wild Exploits Penetrate Un-patched Systems; Keylogging and Spam Continue to Climb

The recently released January 2009 Threatscape report from Fortinet®, the pioneer and leading provider of unified threat management (UTM) solutions, reveals a surge in exploit activity. The headline-making buffer overflow exploit targeting the vulnerability described in Microsoft Security Bulletin MS08-067, which was originally detected in October '08, continued to wreak havoc on un-patched machines during the end of December '08 and throughout January '09, landing in ninth position in this period's Top 10 Exploitations list. The highest recorded activity for this exploit occurred on January 14, and overall new vulnerabilities rose four percent since last period.
Also climbing the ranks, online gaming malware continued to build on December's momentum with two Trojans increasing in activity. Spy/OnLineGames claimed first place on Fortinet's Top 100 malware variants list while, not far behind, W32/Dropper.VEM!tr jumped 94 spots, further highlighting a rising wave of online gaming malware designed to pilfer credentials. Fortinet's FortiGuard® Global Security Research team also observed a mounting trend in spam, which drew from ongoing economic concerns and leveraged the Presidential Inauguration as part of a social engineering campaign.
"While eavesdropping keyloggers and spam-spewing botnets continued to rise in popularity this month, what's most concerning is the explosion of the now dated MS08-067 vulnerability," said Derek Manky, project manager, cyber security and threat research, Fortinet. "Propagating as far back as October '08, this vulnerability underscores the importance of proper patch management and a layered security approach to avoid epidemic outbreaks of this nature."
Following are key findings from Fortinet's January 2009 Threatscape report:
Exploits/Intrusion - 43 new vulnerabilities were added to the FortiGuard ISP coverage this period, with 13 reported to be actively exploited;
Malware - key logging and information siphoning accounted for the majority of activity reported during this period, with online gaming exploits rising up the charts; the U.S. (45.05%) and Japan (43.03%) were still the most targeted regions for malware, with China (26.77%), Taiwan (20.61%) and India (20.54%) taking the 3rd, 4th and 5th positions among the most targeted regions;
Spam - spam rates continued to increase this period and fully regained levels consistent with spam rates before the McColo take-down; driven by the financial crisis, the most popular spam campaigns included positive salary structure, diploma and education schemes, and added scam tactics seeding a new botnet that centered on President Barack Obama's inauguration;
Web traffic - Web activity blocked during this period stayed in close alignment with last month's findings, with pornography maintaining the top spot at almost 70 percent, malware also consistent at nearly 20 percent, and spyware and phishing activities representing the remaining 10 percent.

The Fortinet FortiGuard® Global Security Research team compiled threat statistics and trends for January based on data collected from FortiGate® network security appliances and intelligence systems in production worldwide. Customers who use Fortinet's FortiGuard Subscription Services should already be protected against the threats outlined in this report.