Social Media Big Attack Target: IBM Report

Friday, September 27, 2013 @ 06:09 PM gHale


Knowing compromised social media accounts can be highly valuable, cyber criminals are leveraging those accounts for reconnaissance and future attacks, a new report said.

That was just one of the findings in the IBM X-Force Research and Development team’s 2013 mid-year report on cyber security trends and risks. The results of the study are from the analysis of 4,100 new vulnerabilities, and 900 million new webpages and images.

RELATED STORIES
Trojans Make Up 80% of Malware
New Revenue Stream for Ransomware
Malware Targets Java, Adobe Bugs
Password Length Could Cause DoS

“IBM X-Force expects to see these newer applications of social engineering become more sophisticated as attackers create complex internetworks of identities while refining the art of deceiving victims,” said Leslie Horacek, worldwide threat response manager for IBM X-Force and senior editor of the report on a blog.

“Users must adopt a mindset of guilty until proven innocent when it comes to social media and companies should engender suspicion to protect users and assets,” she added.

As far as vulnerabilities go, researchers found the number of new vulnerabilities reported in the first half of 2013 was similar to the number reported last year. However, the amount of web application vulnerabilities slightly decreased this year.

When it comes to web vulnerabilities, cross-site scripting (XSS) remains the most common type, accounting for over half of all security holes.

In 28 percent of the cases, successful exploitation of a vulnerability resulted in gaining access to a system or application.

The report names the United States as the country that hosts most malicious links at 42 percent. Germany (9.8 percent), China (5.9 percent) and Russia (4.5 percent) all follow the U.S.

The IBM X-Force report also covers mobile malware, watering hole attacks, Zero Day attacks, and distraction and diversion techniques.

Click here to download the complete report.



Leave a Reply

You must be logged in to post a comment.