The Symantec Security Response team conducts ongoing, in-depth research and analysis of current threat trends impacting users of the Internet. To better enable you to implement effective security measures, Symantec provides detailed reports of trends, impact and preventive measures that you can deploy to protect and manage your information.

Internet Security Threat Report

The Symantec Internet Security Threat Report provides an annual overview and detailed analysis of Internet threat activity, malicious code, and known vulnerabilities. The report also discusses trends in phishing, spam and observed activities on underground economy servers.

Symantec Connect Security Community

Read what Symantec's Security Response experts are writing about the latest edition of the Internet Security Threat Report.

Visit the Security Response Blog.

 
Data Breaches: Affected Sectors and Causes
A Security Response podcast by Symantec.
Downadup (Conficker) and Malicious Code Trends in 2009
A Security Response podcast by Symantec.

Symantec Intelligence Quarterly

Symantec Intelligence Quarterly offers analysis and discussion of threat activity over a three-month period and is intended to be a complement to the annual Symantec Internet Security Threat Report (ISTR). It covers Internet attacks, vulnerabilities, malicious code, phishing, spam and security risks.

Symantec Intelligence Quarterly, July – September 2010 Reports

There are two reports for the July – September 2010 quarter, as well as a summary of key findings, and a summary of best practices and methodologies from these latest reports.

Global Intelligence Quarterly Report

Europe, the Middle East, and Africa Intelligence Quarterly Report

Key Findings Summary

Best Practices and Methodologies Summary

Highlights & Trends

July – September 2010:
Previous Report, April – June 2010
 
The United States was the top country for malicious activity in this quarter, accounting for 23 percent of the total.
Last quarter, the U.S. accounted for 21 percent of the total.
 
Credit card information is the most commonly advertised item for sale on underground economy servers known to Symantec in this quarter, accounting for 23 percent of all goods and services.
Last quarter, credit card information accounted for 28 percent of the total.
 
The top Web-based attack for the quarter was related to the Microsoft Internet Explorer ADODB.Stream Object File Installation Weakness, which accounted for 36 percent of the total.
Last quarter, the top Web-based attack was related to malicious PDF activity, which accounted for 36 percent of the total.
 
The most common malicious code sample by potential infections during this quarter was the Sality.AE virus.
The Sality.AE virus was also the most common last quarter.
 
Symantec observed 14.6 trillion spam messages during this quarter, accounting for 91 percent of all email messages observed.
Last quarter, Symantec observed 12.7 trillion spam messages during this quarter, accounting for approximately 89 percent of all email messages observed.
 
The majority of brands used in phishing attacks this quarter were in the financial sector, which accounted for 73 percent of the total.
During the last quarter, the financial sector also accounted for 73 percent of the total.
 

Previous Global Reports of the Symantec Intelligence Quarterly

Symantec Intelligence Quarterly: Global Report (April – June 2010)

Symantec Intelligence Quarterly: Global Report (January – March 2010)

Symantec Intelligence Quarterly: Global Report (October – December 2009)

Symantec Intelligence Quarterly: Global Report (July – September 2009)

Internet Security Threat Report: Mid-Term Report

Attack Toolkits and Malicious Websites

Launching widespread attacks on networked computers used to be a task reserved for a rare few hackers – those with an extensive knowledge of programming. This is no longer the case. The advent of attack toolkits has lowered the bar significantly, opening the doors for anyone with a basic understanding of networking and computers to produce threats that exploit vulnerabilities.

These toolkits are used to enable the theft of sensitive information or to convert compromised computers into a network of botnets in order to mount additional attacks. They are advertised and sold in the online underground economy. Symantec believes that attack kits play a significant role in the continuing evolution of cybercrime into a self-sustaining, profitable, and increasingly organized economic model worth millions of dollars.

This report provides an in-depth look at the evolution of attack kits, their features and how hackers use them to lure in victims, especially online. The report also provides mitigation techniques to help protect your organization from the sophisticated attacks created by these toolkits.

Executive Summary: Symantec Report on Attack Kits & Malicious Websites

Symantec Report on Attack Kits & Malicious Websites

Additional Resources

Mid-Term Report Press Kit

Video: Attack Toolkits in 90 Seconds

Video: Scary Internet Stuff: Web Attack Toolkits

Archive

Download any of our past Internet Security Threat Reports.


Internet Security Threat Reports