Welcome to Scribd. Sign in or start your free trial to enjoy unlimited e-books, audiobooks & documents.Find out more
Download
Standard view
Full view
of .
Look up keyword or section
Like this
3Activity

Table Of Contents

0 of .
Results for:
No results containing your search query
P. 1
Ibm Xforce h1 2009

Ibm Xforce h1 2009

Ratings: (0)|Views: 163|Likes:
Published by risspa

More info:

Published by: risspa on Oct 07, 2009
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

01/04/2013

pdf

text

original

 
IBM Global Technology Services
August 2009
IBM Internet Security Systems
 X-Force
®
2009 Mid-Year Trendand Risk Report
 
X-Force
®
2009 Mid-Year Trend & Risk Report
Table of Contents
Overview 1
2009 Mid-Year Highlights 1
Vulnerabilities 1Exploitation 2Malware and the Malicious Web 2Spam and Phishing 3
Vulnerabilities 4
First Half of 2009 Vulnerability Disclosure Count 4Vulnerability Disclosures by Severity 5
CVSS Base Scores 6E xloitability Probability Quadrant 7
Vendors with the Most Vulnerability Disclosures 8
Major Shits in the Top Vendor List 9
Availability of Vulnerability Fixes and Patches 10Consequences of Exploitation 11
Web Application Vulnerabilities 13
Web Application Vulnerability Disclosures by Attack Categories 14Web Application Attacks 17
Cross-Site Scripting Attacks 17Injection Attacks 17Inormation Disclosure Attacks 17Web Application Attack Chart 18
Automated SQL Injection Probes and Attacks 20
Operating Systems with the Most Vulnerability Disclosures 21Browser and Other Client-Side Vulnerabilities and Exploits 24
Client-Side Vulnerabilities—Document FormatVulnerabilities Increasing 24Document Format Vulnerabilities 25Browser Vulnerabilities—Firefox Surpasses Internet Explorer 26Exploitation Trends 27
Most Popular Exploits 28Most Popular Exploit Toolkits (2H 2008) 29Obuscation 30
 
Web Content Trends 32
Analysis Methodology 33Percentage of Unwanted Internet Content 33
Increase o Anonymous Proxies 34
Malicious Web Sites 37
Geographical Location o Malicious Web Links 38Good Web Sites with Bad Links 40
Malware 43
Malware Category Trends 43
Primary Malware Categories 43Trojan Category Breakdown 46
Top Phone Home Locations 50
Concker:StoryandaLessonLearned53
Concker Started Small 53Researchers Bafed 53P2P Botnet Capability Unveiled 54The “April Fools Computer Worm” 56Monetizing the Botnet 56Lesson Learned 57
Spam 59
Spam Volume 60Types of Spam 61
The Rebirth o Image-Based Spam 62Common Domains in URL Spam 65Common Top Level Domains in URL Spam 70Liespan o Spam URLs 72
Spam—Country of Origin 74
Spam—Country o Origin Trends 74Growth in BRIC Countries 75Spam URLs—Country o Origin 75
Spam—Average Byte Size 75Spam—Most Popular Subject Lines 76Recovery from the McColo Takedown 78
Changes in International Distribution o Spam 78
Phishing 79
Phishing Volume 79Phishing—Country of Origin 80
Phishing URLs—Country o Origin 81
Phishing—Most Popular Subject Lines 81Phishing Targets 83
Phishing—Targets by Industry 83Phishing—Financial Targets by Geography 85
X-Force
®
2009 Mid-Year Trend & Risk Report

Activity (3)

You've already reviewed this. Edit your review.
1 thousand reads
1 hundred reads
RUTYPIOURE liked this

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->