Sunday | 14 March, 2010
CSO
OS vulnerabilities drop in 2006
Spam still on the up
Michael Crawford (Computerworld) 01/02/2007 12:36:57

Internet Security Systems (ISS) and MessageLabs released a synopsys of 2006 security trends yesterday, with both companies revealing a marked increase in spam throughout the year.

ISS discovered a 100 per cent increase year on year in spam. From December 2006 through until January 2007 Messagelabs found a 1.5 per cent increase in spam globally.

In January, spam totalled 75.8 per cent of all e-mails captured by MessageLabs' Traffic Management in January.

In Australia, spam levels increased 0.1 per cent in January according to the MessageLabs 2007 Intelligence Report.

The report also found the amount of viruses hidden in e-mail traffic had increased 0.08 per cent since last month, accounting for one in 119.9 e-mails, with a stern warning about the new wave of refined Trojan code called Rustock.

"It is now believed that the suspected Russian criminals responsible for last year's Trojan, SpamThru, have been updating their botnets to another Trojan bot called Rustock," the report said.

"Rustock allows spammers to send out image spam, which is more difficult for traditional anti-spam software to accurately identify.

"Finally, 80.2 per cent of Web viruses intercepted were from uncategorized sites suggesting that they were being used for domain kiting and other disreputable purposes to host phishing and spam sites."

The ISS 2006 security statistics report identified advances in image spam technology, operating system holes, and an increased hacker focus on Web browser vulnerabilities as the top concerns for 2007.

The ISS X Force research and development team has predicted new forms of image spam will be pervasive throughout 2007.

It will be specifically designed to evade capture, however, IBM ISS director of security strategy, Gunter Ollmann, said the good news is the drop in high-impact vulnerabilities.

"In 2005 high-impact vulnerabilities accounted for about 28 per cent of total vulnerabilities, while they only accounted for 18 per cent in 2006," Ollmann said.

"The security industry has made great progress over the last year, but despite promising statistics such as this one, we predict that 2007 will require higher levels of vigilance and innovation to deal with emerging threats and new vectors of attack."

According to X Force there were 20 new vulnerabilities discovered daily in 2006, 88 per cent of which could be exploited remotely, with more than half allowing attackers complete access after the vulnerability was exploited.

More about MessageLabs, IBM, Internet Security Systems, Security Systems, Synopsys, Vigilance, ISS

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options

Enter the fully qualified URL, eg. http://www.example.com/
Users posting comments agree to the CSO Online comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Add to Google
Additional Resources
Newsletter Subscription
Sign up for our CSO Online newsletters!
RSS Feeds
Syndicate content
 
Get a job Careerone
Whitepaper


Read Whitepaper

Making the move to Ethernet | A DECISION GUIDE

While enterprises today need higher bandwidth, there is increasing demand for solutions that can provide scalability, performance, simplicity and control at lower costs. Get the best of both worlds - read about Ethernet adoption today.

Sponsored Links