jueves, 26 de agosto de 2010

2010 Mid-Year Trend and Risk Report (IBM)


  • Los métodos de ataques encubiertos y ocultos crecieron en frecuencia y complejidad, especialmente los que involucran a JavaScript
  • Las explotaciones de PDF continúan elevándose conforme los atacantes engañan a los usuarios de nuevas maneras
  • La actividad de phishing disminuyó significativamente, pero las instituciones financieras siguen siendo el objetivo principal
  • Cloud ComputingDebido a que es una tecnología emergente, la seguridad continúa siendo una preocupación para las organizaciones que consideran adoptarla



The IBM X-Force 2010 Mid-Year Trend and Risk Report reveals several key trends that demonstrate how, in the first half of 2010, attackers seeking to steal money or personal data increasingly targeted their victims via the Internet.

  • - Attackers are increasingly using covert techniques like Javascript obfuscation and other covert techniques which continue to frustrate IT security professionals. Obfuscation is a technique used by software developers and attackers alike to hide or mask the code used to develop their applications.
  • - Reported vulnerabilities are at an all time high, up 36%. 2010 has seen a significant increase in volume of security vulnerability disclosures, due both to significant increases in public exploit releases and to positive efforts by several large software companies to identify and mitigate security vulnerabilities.
  • - PDF attacks continue to increase as attackers trick users in new ways. To understand why PDFs are targeted, consider that endpoints are typically the weakest link in an enterprise organization. Attackers understand this fact well. For example, although sensitive data may not be present on a particular endpoint, that endpoint may have access to others that do. Or, that endpoint can be used as a practical bounce point to launch attacks on other computers.
  • - The Zeus botnet toolkit continues to wreak havoc on organizations. Early 2010 saw the release of an updated version of the Zeus botnet kit, dubbed Zeus 2.0. Major new features included in this version provide updated functionality to attackers.

Get the IBM X-Force 2010 Mid-Year Trend and Risk Report (*)

2010 IBM X-Force Mid-Year Trend Report Graphics Package.

(*) Register for Free Report



Links relacionados:
- Récord de amenazas globales de seguridad digital
- Aumentan en 36% los reportes de incidentes de seguridad (IBM)
Publicado por el
Etiquetas: ,

No hay comentarios:

Publicar un comentario

Suscribirse a: Enviar comentarios (Atom)