133 Web-based Malware Assaults for Enterprises Every Month During Q3-2010
According to Cisco, which released its Global Threat Report on November 17, 2010, enterprises had been defending themselves from botnets and web-based attacks during Q3-2010 or the year's third quarter. Reveals the security firm, enterprises, on an average, encountered 133 malware assaults through the Web every month throughout July-September 2010.
It further reports that these assaults were most prevalent in August 2010 when they peaked to over 140 Web malware assaults. Also during August 2010, spam levels increased to the maximum in comparison with July and September of Q3-2010.
Moreover, Cisco's researchers also indicate in their new study that among all botnets, Rustock topped the list during Q3-2010. During July-September 2010, Cisco outlines that 1 in 5 security incidences that its service for monitoring security handled related to Rustock. The botnet's activity was the highest during late August after which it declined during September 2010.
Remarking about the activity of Rustock, Market Intelligence Manager Mary Landesman at Cisco stated that it was believed Rustock was an extremely big distributor of spam as well as that it mainly dispatched replica watch and pharmaceutical spam while using current event themes, a trick that the Storm botnet first popularized. Informationweek.com published this on November 17, 2010.
Moreover, according to the report, during Q3-2010, the danger of malware attacks on the Web were most on chemical and pharma industries followed with oil and energy, and mining and agriculture. The danger was, however, the minimum for the automotive and aviation sector.
Significantly, Cisco reports that there had been 4 different kinds of SQL-injection assaults during Q3-2010. These were encoded words implanted on HTTP queries, heap overflow within MSSQL, general SQL core words inside HTTP, and Asprox botnet-generated SQL attacks. Incidentally, Asprox made a re-appearance for a short time during the first fifteen days of August 2010, attacking websites through Active Server Pages (ASP), Cisco suggests in its report.
Furthermore, the security firm's researchers discovered that about 10% of malware attacks through the Web happened through search engine services and traffic. Of these more than 7% occurred via Google referrers, followed with Yahoo (2%) and Bing (1%).
Related article: “Loopholes did not cause online banking thefts”: ICBC
» SPAMfighter News - 25-11-2010