Products
Applications
Support
Company
How To Buy
Skip to main content (Press Enter).
Sign in
Skip auxiliary navigation (Press Enter).
Register
Skip main navigation (Press Enter).
Toggle navigation
Search Options
Home
My Communities
Communities
All Communities
Enterprise Software
Mainframe Software
Symantec Enterprise
Blogs
All Blogs
Enterprise Software
Mainframe Software
Symantec Enterprise
Events
All Events
Enterprise Software
Mainframe Software
Symantec Enterprise
VMware
Water Cooler
Groups
Enterprise Software
Mainframe Software
Symantec Enterprise
Members
Endpoint Protection
View Only
Community Home
Threads
Library
Events
Members
Back to Library
The Latest in the Threat Landscape - Web Based Attacks: February 2009
1
Recommend
Mar 25, 2009 12:32 PM
Migration User
As we talk to enterprise and consumer customers, we are finding many don’t understand the risks of the Internet today, why their computers have been compromised or how the threat landscape has really changed. The fact that just visiting your favorite Web site can either lead to malware silently being installed on your computer WITHOUT ever clicking on anything, or being plagued by misleading applications, such as fake antivirus software, seems to be a surprise to many users and IT managers;
With the increase in Web based attacks that users are being subjected to every day, we wanted to share timely data on the changing threat landscape and examine some of the factors and background information that have influenced the shift toward this type of attack over the last year. Our recently published Web based attacks
white paper
highlights some of the top Web threat trends that our security analysts have seen over the last year:
Top Web Threat Trends for 2008
1.
Drive-by downloads from mainstream Web site are increasing
2.
Attacks are heavily obfuscated and dynamically changing making traditional antivirus solutions ineffective
3.
Attacks are targeting browser plug-ins instead of only the browser itself
4.
Misleading applications infecting users are increasing
5.
SQL injection attacks are being used to infect mainstream Web sites
6.
Malvertisements are redirecting users to malicious Web sites
7.
Explosive growth in unique and targeted malware samples
In researching the paper we realized that few Web sites are immune from being compromised and used as a host to deliver malware to unsuspecting visitors. During 2008, Symantec observed more than 18 million drive-by download attacks. In just the last 6 months, we observed more than 23 million misleading application attacks. These two attack types represented Web attacks from 808,000 unique domains, many of which are mainstream Web sites, including: news, travel, online retail, games, real estate, government and many others.
For this blog post, I was going to include a video showing what happens during a typical drive-by download attack—but the scary part is, there is nothing to show! When your system gets compromised, there is usually NO indication – it happens silently without flashing lights or having to click on anything. All it takes is one vulnerable browser, multimedia application, document viewer or browser plug-in and your computer can be compromised. I spoke with one user who couldn’t believe that one of the top 100 sites on the Internet would be attacking HIS computer. There was another customer whose own Web server kept attacking and infecting his computer.
But it’s very real. Legitimate sites are compromised using popular techniques, such as malicious advertisements or “malvertisements” to attack your machine.
Some users today may even be lulled into thinking they don’t need to have antivirus software with updated subscriptions since they haven’t ‘seen’ a virus in email recently. I even heard one user state that “he is careful where he goes on the internet” This isn’t enough. Web based attacks are occurring everywhere and users’ computers are being attacked and infected in enterprise and consumer environments alike.
Yesterday’s technology won’t help you in protecting against this changing threat landscape. There are many who are still relying on traditional signature-based antivirus software only to protect their systems. The good news is there are advanced technologies and best practices available to better protect your system in today’s Internet environment. You just have to use them!
Surf Safely,
Statistics
0 Favorited
0 Views
2 Files
0 Shares
0 Downloads
Attachment(s)
Download All
threat_1.JPG
23 KB
1 version
Uploaded - Feb 25, 2020
Download
threat_2.JPG
32 KB
1 version
Uploaded - Feb 25, 2020
Download
Download Document
Please accept the terms of the copyright associated with this attachment before downloading it. Click the link below to read the terms.
Accept
Tags and Keywords
Comments
riva11
Apr 10, 2009 04:21 AM
Pascal, thanks for your post and the interesting presentation, these guidelines in to protect pc's are really a MUST for IT Admins but expecially for home users. I suggest to pubblish as an article.
Pascal KOTTE
Apr 08, 2009 09:27 AM
Hi, the main problem is
YOU,
also from IT peoples:
- using FireFox or IE to navigate with an account with local admin rights (
But as IT professionnal, you are allways sure never making a mistake in the url...? Are you?
)
OK: so just change this: add a shortcut with
runas /user:guest iexplore.exe (or firefox),
copy your favorites & personal settings the "guest profile".
Activate guest user, only give writing rights on a temp folder...
Do that for all you family, friends, neighbours... Especialy if using XP at home. You can take a look my old PPT regarding this point...
ithomecomputersecurity.googlegroups.com/web/FightingZombiesPC_v0.4.ppt
Enjoy
Migration User
Mar 30, 2009 01:20 PM
We're finding many are inquiring about this data - if you have any comments, questions, etc., let us know! Also, don't forget to check out the recent Symantec blog entry on Conficker...
Related Entries and Links
No Related Resource entered.
Copyright 2019. All rights reserved.
Powered by Higher Logic