Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Web Attacks are Biggest Threat

    Written by

    Matt Hines
    Published September 25, 2006
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      Attacks that capitalize on vulnerabilities in popular Web browsing software, targeted malware and phishing efforts dominated the first half of 2006, according to Symantecs latest Internet Security Threat Report.

      Published on Sept. 25, the twice-yearly analysis highlighted continued growth of browser vulnerability, finding that 69 percent of all new threats unearthed by the company between Jan. 1 and June 30 attempted to take advantage of flaws in Microsofts Internet Explorer, the Mozilla Foundations Firefox and other popular Web applications.

      Symantec, based in Cupertino, Calif., said in the report that the relative ease with which malware code writers can isolate vulnerabilities in browsers and other Web-based programs continues to entice such attacks, compared with threats targeting client-side applications.

      In total, Symantec detected 47 new browser vulnerabilities, representing a 52 percent rise over the 25 vulnerabilities recorded in the latter half of 2005.

      Malware writers are also increasingly attempting to exploit vulnerabilities in sites that use synchronous AJAX (Asynchronous JavaScript and XML), a so-called Web 2.0 development technique meant to accelerate interaction between browsers and online applications.

      Criminals continued to focus malware and phishing attacks on specific companies and sets of end users in the first half of the year. The malware threats tracked by Symantec also sought to propagate themselves more slowly than previous generations to help prevent detection. The top 10 new strains of malicious software Symantec observed were so-called Trojan attacks, which are malware typically disguised as legitimate programs.

      For example, Symantec pointed to the Mdropper.H Trojan attack, which exploited a zero-day vulnerability in Microsoft Word and installed a subsequent back-door program. Sent to a smaller, select user group, the attack attempted to persuade recipients to open it using several types of social engineering. Symantec said programs that use such targeted methods are less likely to be found and reported to anti-virus researchers. In the enterprise arena, the attacks most commonly seek to gain access to sensitive corporate information.

      Lending further credence to its assertion that malware and phishing attacks are increasingly driven by criminal efforts to make money, Symantec reported that financial services companies were the second most targeted group of users over the first half of 2006, behind only home computers. Such attacks most frequently attempted to steal companies customer information, including credit card or bank account numbers, for the purpose of carrying out identity theft and other forms of fraud.

      “Money is clearly the motivating factor in most of the attacks we see,” said Alfred Huger, senior director of development for Symantecs Security Response unit, in Cupertino. “The attackers are spending more time doing the upfront work to try and yield greater success from their work.”

      Matt Hines
      Matt Hines

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×