Web Security Report Reveals Major Vulnerabilities

Botnets are an increasingly efficient way to deliver malware; cyber criminal attacks via social networks like Twitter are an omnipresent threat; spam is increasing in both volume and severity. These are just a few of the conclusions that appear in the latest report from Web security products provider M86 Security.

The M86 Security Labs Report released to the public this month was based on extensive research that the company's Web security team conducted throughout the second half of 2009. Among the results detailed in the report:

There has been a surge in attacks via social networking sites such as Twitter, motivated by the increased use of shortened URLs (Internet addresses) on these sites. These URLs make it easier for online criminals to obscure malicious links, and such criminals also exploit the trust that builds between users of such sites as they develop social relationships.

The most efficient, and as a result the most common, method of distributing spam is through networks of secretly infected computers known as Botnets. The report indicates more than three-fourths of all spam in the six-month period examined originated from five Botnets.

Commonly used products such as Internet Explorer and Adobe's downloadable PDF readers can contain security vulnerabilities that leave them open to "zero-day" attacks. These are attacks launched by hackers on the same day the general public becomes aware of the security issues in question. Even casual hackers, as opposed to programming language experts, are finding ways to exploit these vulnerabilities with increasing speed, and in some cases such criminals even discover the vulnerabilities ahead of company security specialists.

"It is important to identify the major contributors to the volume of spam so that the industry can take action against them," said Bradley Anstis, vice president, technical strategy for M86 Security. He added that the Security Labs report details spam origins by specific Botnets, and offers other recommendations to combat spam and cybercrime.

A full copy of the report can be downloaded free of charge here.

About the Author

Scott Aronowitz is a freelance writer based in Las Vegas. He has covered the technology, advertising, and entertainment sectors for seven years. He can be reached here.

Featured

  • three silhouetted education technology leaders with thought bubbles containing AI-related icons

    Ed Tech Leaders Rank Generative AI as Top Tech Priority

    In a recent CoSN survey, an overwhelming majority of ed tech leaders (94%) said they see AI as having a positive impact on education. Respondents ranked generative AI as their top tech priority, with 80% reporting their districts have gen AI initiatives underway, or plan to in the current school year.

  • computer monitor with a bold AI search bar on the screen

    Google Rolls Out AI Mode in Search

    About a year after introducing AI Overviews for its flagship search offering, Google has announced broad availability of AI Mode in Search.

  • glowing shield hovers above a digital cloud platform with abstract data streams and cloud icons in the background

    Google to Acquire Cloud Security Firm Wiz in $32 Billion Deal

    Google has announced it will acquire cloud security startup Wiz for $32 billion. If completed, the acquisition — an all-cash deal — would mark the largest in Google's history.

  • students using digital devices, surrounded by abstract AI motifs and soft geometric design

    Ed Tech Startup Kira Launches AI-Native Learning Platform

    A new K-12 learning platform aims to bring personalized education to every student. Kira, one of the latest ed tech ventures from Andrew Ng, former director of Stanford's AI Lab and co-founder of Coursera and DeepLearning.AI, "integrates artificial intelligence directly into every educational workflow — from lesson planning and instruction to grading, intervention, and reporting," according to a news announcement.