Of special interest this half year: the increasing use of exploit-based attacks against the Java development platform. Four of the five most frequently exploited vulnerabilities are in Java. Java was the most targeted development platform for exploit attacks during the first half of the year.
Finnish antivirus developer F-Secure has published a report on security threats in the first half of 2013. According to the report, the largest number of cyber attacks over this period targeted the Java platform, and their number has steadily increased with the advent of zero-day vulnerabilities. “Four of the five most frequently exploited vulnerabilities were found in Java, namely the Runtime Environment (JRE) and browser plug-ins,” said the F-Secure expert.
According to the researchers, this is not surprising, since Java is second only to Windows in its attractiveness to hackers and is one of the most common platforms. Analysis of the cyber attacks showed that in 95% of cases five specific vulnerabilities were exploited. The most common attacks were carried out in the United States. For every thousand people, 78 in the USA and 60 in Germany faced exploitation of vulnerabilities.
“Unfortunately, stopping the program or removing the plug-in is not suitable for companies that use Java in business-critical situations. Protection and mitigation (of cyber attacks) can include much more complex things than just removing the program. For example, changing the security settings for Java, configuring the web browser to minimize unwanted applet execution (or installing third-party plug-ins for this), and monitoring network traffic,” F-Secure's report says.
According to the researchers, in 70% of cases the attacks are carried out using the exploit kits BlackHole, SweetOrange, Crimeboss, Styx and Cool.
Another security threat in the first half of 2013 was malware for Mac. The researchers reported that the first such malware, detected by independent researcher Jacob Appelbaum, was signed with the current ID of an existing Apple developer. The malware is called “Kumar in the Mac (KitM)” because the ID belonged to Rajinder Kumar.
Be that as it may, among the most popular mobile platforms, Android remains the hackers' favorite. In the first half of this year, malware for that platform was discovered: Stels, which spreads through e-mails and a botnet and uses Twitter to update the address of its C&C server.
Full version of F-Secure H1 2013 Threat Report: http://www.f-secure.com/static/doc/labs_global/Research/Threat_Report_H1_2013.pdf