[ISN] Cybercrooks get faster, further and sneakier

From: InfoSec News <alerts_at_private>
Date: Wed, 30 Jul 2008 00:17:41 -0500 (CDT)

By John Leyden
The Register
29th July 2008

Cybercrooks are becoming faster at utilising newly-discovered browser 
exploits. More than nine in ten of all browser-related exploits occurred 
within 24 hours of an official vulnerability disclosure, according to a 
survey by IBM's X-Force security division.

The cyber-threat survey, which looked closely at information security 
events that happened during the first half of 2008, also revealed that 
attacks targeting flaws in browser plug-ins are increasing in 
prevalence. In the first half of 2008, around 78 percent of web browser 
exploits targeted browser plug-in bugs.

X-Force operations manager Kris Lamb said that the "acceleration and 
proliferation" of bugs were key themes for the first half of 2008.

The IBM division reckons the increasing use of automated tools allows 
hackers to become faster off the mark in exploiting vulnerabilities. It 
criticised the practice of releasing "exploit code along with a security 
advisory" as playing into the hands of hackers. According to the study, 
vulnerabilities disclosed by researchers are twice as likely to have 
zero-day exploit code published.


Attend Black Hat USA, August 2-7 in Las Vegas, 
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings 
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com
Received on Tue Jul 29 2008 - 22:17:41 PDT

This archive was generated by hypermail 2.2.0 : Tue Jul 29 2008 - 22:34:50 PDT