Home > Uncategorized > IT Threat Evolution: Q3 2012 www.securelist.com

IT Threat Evolution: Q3 2012 www.securelist.com


Vulnerabilities
In the third quarter of Q3 2012 a total of 30 749 066 vulnerable programs and files were detected on the computers of KSN users – with an average of eight different vulnerabilities on each affected computer.

 

The first two spots are taken by Oracle Java vulnerabilities, which were found on 35% and 21.7% of vulnerable computers respectively.

 

Five common vulnerabilities affect Adobe products: Flash Reader and Shockwave players and Reader, a popular PDF reader for documents.

The rating now also includes two Apple programs – QuickTime player and iTunes and the popular Nullsoft Winamp media-player.

clip_image001

Vendors of products with the Top 10 vulnerabilities, Q3 2012

 

Any of the top 10 vulnerabilities can jeopardize a computer’s security because they all allow cybercriminals to gain full control of the system using exploits. As in Q2, three vulnerabilities enable attackers to gain access to sensitive data. Both Flash Player vulnerabilities enable cybercriminals to bypass security systems integrated into the application. The top 10 also features vulnerabilities that enable attackers to manipulate data and conduct DDoS and XSS attacks.

clip_image002

Distribution of Top 10 vulnerabilities by type of system impact, Q3 2012

 

Microsoft products no longer feature among the Top 10 products with vulnerabilities. This is because the automatic updates mechanism has now been well developed in recent versions of Windows OS.

 

Countries where web resources are seeded with malware

These figures show where sites hosting malicious programs are physically located. The geographic sources of web attacks were determined by comparing the domain name with the actual IP address where a specific domain is located, and determining the location of that IP address (GEOIP).

 

Just 10 countries worldwide host 86% of the web resources used to spread malware. For the second quarter running this figure has climbed by a single percentage point.

clip_image003

A distribution of online resources seeded with malicious code, by country. Q3 2012

 

There is a new leader among countries hosting malicious content: Russia (23.2%) has overtaken the USA (20.3%). In the last three months, the proportion of malicious hosts in Russia has dramatically increased (+8.6 percentage points); at the same time, the fall in the US share (-9.7 percentage points) has almost mirrored Russia’s rise. The number of malicious hosts in the Netherlands has also risen (+5.8 percentage points). 60% of all malicious content is located in the top three countries – Russia, the USA and the Netherlands. Without effective action from law enforcement agencies and hosting providers, this situation is likely to continue for several more months.

There were no significant changes among the other countries in the Top 10, apart from the UK’s share falling by 2.6 percentage points.

 

Countries where users faced the greatest risk of infection via the Internet

 

In order to assess a user’s infection risk in any given country, Kaspersky Lab calculated the frequency of web antivirus detections in different countries throughout the quarter. These figures are based on the raw number of web antivirus alerts on computers in each country and are not adjusted to reflect the number of KSN users in each country.

clip_image004

Top 20 countries* for online infection risks** in Q3 2012

*When calculating, we excluded those countries in which the number of Kaspersky Lab product users is relatively small (less than 10,000).

**The percentage of unique users in the country with computers running Kaspersky Lab products that blocked web-borne threats.

 

From <http://www.securelist.com/en/analysis/204792250/IT_Threat_Evolution_Q3_2012>

Advertisements
Categories: Uncategorized
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: