Top Cyber Threats: Security Research Roundup: Page 3
Find out what the latest research reveals about the current state of malware, phishing, and other attacks.
According to Verizon's 2012 Data Breach Investigations Report [PDF file], the three most common functions of malware are logging keystrokes and other forms of user input, sending data to external locations, and backdoors. "It is important to note that none of these functionalities are mutually exclusive and it's common for a single piece of malware to feature several components," the report states. Data exfiltration proved far less common in Verizon's 2012 report than in the previous year, dropping from 79 percent in the 2011 report to 43 percent in the 2012 report.
MALWARE ON MACS:
Sophos recently analyzed a snapshot of 100,000 of the millions of Mac computers that run the company's free anti-virus software and found that one in five machines was carrying Windows malware, while one in 36 (2.7 percent) of Mac were found to be carrying Mac OS X malware. While the latter case would certainly be more troublesome for the user, Macs that are carrying Windows malware can easily spread it to other computers. Some of the malware that Sophos detected dates back to 2007, and would have been easily detected by any anti-virus software. "Cybercriminals view Macs as a soft target, because their owners don't typically run anti-virus software and are thought to have a higher level of disposable income than the typical Windows user," Sophos senior technology consultant Graham Cluley said in a statement. "Mac users must protect their computers now or risk making the malware problem on Macs as big as the problem on PCs."
EMAIL-BORNE MALWARE WORLDWIDE:
According to the Symantec Intelligence Report [PDF file] for February 2012, the global ratio of email-borne viruses in e-mail traffic was one in 274 e-mails, or 0.37 percent in February, up 0.3 percent since January. In February, the report states, 27.4 percent of email-borne malware contained links to malicious Web sites, a decrease of 1.6 percent from January. Luxembourg had the highest rate of malicious e-mail activity in February, with one in every 63.9 e-mails identified as malicious – in the U.S., the rate was one in every 436.5 e-mails. The most targeted industry in February was the public sector, with one in 71.2 e-mails blocked as malicious. Education was the second most targeted vertical, with one in 124.1 e-mails containing malicious content.