Targeted Vulnerabilities 2 Years Old

Friday, January 25, 2013 @ 09:01 AM gHale


In a month when safety and security reports keep coming out, one new survey shows 58 percent of the vulnerabilities targeted by the most popular exploit kits in Q4 were more than two years old, and 70 percent of the exploit kits reviewed were released or developed in Russia.

In reviewing 26 commonly used exploit kits, security provider Solutionary SERT’s Q4 2012 Quarterly Research Report identified exploit code dating as far back as 2004, showing old vulnerabilities continue to pay off for the bad guys.


The fact that 58 percent of the vulnerabilities exploited are over two years old supports SERT findings that the number of newly discovered and disclosed vulnerabilities has declined since 2010.

The report also revealed that BlackHole 2.0 was the most often-used exploit kit; that Phoenix 3.1 supports the most vulnerabilities, approximately 9 percent; and that a large number of exploit kits are developed and distributed in Eastern Europe, with 70 percent coming from Russia, followed by China and Brazil.

While DDoS attacks surprisingly decreased during Q4, SERT found Web application and malware security incidents increased 8 percent. This signals that cyber criminals seem to be shifting from attacking retail sites to directly targeting consumers with social-engineering attacks, using subjects such as Hurricane Sandy to grab attention.

Research also found that anti-virus and anti-malware software cannot detect 67 percent of the malware distributed, and that 30 percent of the malware samples studied traced back to JavaScript malware variants used for redirection, obfuscation and encryption, all used in the BlackHole exploit kit. Furthermore, the report showed 18 percent of the malware samples studied by SERT were directly attributed to BlackHole.

“The fact that cyber criminals are able to penetrate network defenses by targeting aging vulnerabilities and using old techniques demonstrates that many organizations are still playing catch-up when it comes to cyber security,” said Rob Kraus, SERT director of research. “Tight budgets, inability to convince stakeholders at all levels that security should be a priority, and a shortage of research resources could be among the reasons why many security and risk teams are continuing to operate in reactive mode.”


