Web malware exploded in 2006
By Rene Millman,
The amount of malware targeting web browsers exploded in 2006 compared to previous years, a new report said.
The study, carried out by IBM's Internet Security Systems X-Force research team, found that web-targeted attacks and scripting vulnerabilities saw a massive increase with 7,247 vulnerabilities disclosed that year, 88 per cent of these were remotely exploitable by hackers.
The research found that 50 per cent of all websites hosting browser-targeted attacks used various obfuscation and encryption techniques to hide payloads from traditional detection techniques.
"Malicious individuals have stepped up efforts to defeat traditional client-side protection systems to help sustain profitable cyber crime," said the reports authors said. "Divisions between classic threat types are becoming blurred making it increasingly difficult to address cyber threats."
The report also found that malware is increasing in functionality and complexity. Downloaders dominated this area, comprising 22 per cent of total malware tracked. Worms such as Luder and Mytob continued to be a threat, while content-based malware has become one of the top threat risks to users and businesses.
Analysts at X-Force noted a five per cent increase in the number of vulnerabilities identified in April from the previous month. But there has been a seven per cent decrease in the number of vulnerabilities year on year for April.
The authors said that each vulnerability should be analysed along with the threat it posed.
"Paying attention to only a few purchased or internally discovered vulnerabilities could lead to risks in the network environment," said the authors. "Vulnerability discovery, while important, is only one of many activities that should be performed to mitigate risk."
advertisement
Latest Security Features
Who should be Britain’s cyber security czar?
Experts reveal what a UK head of cyber security would need to do, while we put forward possible candidates for the role.
- The reality of movie technology
- Do smartphones need security software?
- Protecting the London 2012 Olympic Games
- Focus on... Flexible working
- Cyber policing and surveillance in Britain today
- How an FBI agent transformed Microsoft security
- Can security concerns kill cloud computing?
- GhostNet: Did the Chinese government hack the world?
- How poor web security nearly lead to a jail term
Latest Security Reviews
HP BladeSystem c3000 review: blade server
Rating: 
- CA ARCserve Backup r12.5 review
- FaceTime Communications USG530 - web filtering appliance review
- Guardium 7 – database security review
- Google Apps Premier Edition
- SmoothWall UTM-1000 review
- Lenovo ThinkPad USB Portable Secure Hard Drive
- LogRhythm LR-500-XM review
- EXCLUSIVE - eSoft ThreatWall 250
- Zebra RZ400 - RFID Printer
advertisement
Latest News Videos in Security
Video: Mobile security threats and Mac complacency
PlayPart two: Eugene Kaspersky, chief executive and founder of Kaspersky Lab, talks about the increasing security threats mobile users are facing.
Whitepapers
Want more background on today's hottest IT trends?
Visit IT PRO's whitepaper library for more on virtualisation, encryption and other topics.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
Social Bookmark this article: What is this?