
 Symantec Internet Security Threat Report (ISTR Volume XIII) highlights

Written by DP

Tuesday, 15 April 2008

On April 8th, Symantec released its most recent, and very interesting, Internet Security Threat Report (ISTR Volume XIII) [PDF]. For the metric on site-specific XSS vulnerabilities, the data is provided by us and is limited to the XSS issues that security researchers submit to the archive. It therefore provides insight into site-specific vulnerabilities rather than a complete picture of all publicly known XSS issues.

I highly recommend that you fully read it!

Quoted from the report's introduction:
"It includes analysis of network-based attacks, a review of known vulnerabilities, and highlights of malicious code. It also assesses trends in phishing and spam activity. The report also provides protection and mitigation recommendations for these concerns. This volume covers the six-month period from July 1 to December 31, 2007."


Highlights summary:

"Attackers have adopted stealth tactics that prey on end users on individual computers via the World Wide Web, rather than attempting high-volume broadcast attacks to penetrate networks. This may be because enterprise network attacks are now more likely to be discovered and shut down, whereas specifically targeted malicious activity on end-user computers and/or web-sites is less likely to be detected. Site-specific vulnerabilities are perhaps the most telling indication of this trend.

Site-specific vulnerabilities affect custom or proprietary web-site code. These vulnerabilities are a concern because they allow attackers to compromise specific web-sites, which can then be used to launch subsequent attacks. Social networking sites are a favorite target, as a successful compromise gives attackers access to a large number of people who are likely to trust the site. These sites often expose confidential user information that can then be used in attempts to conduct identity theft or online fraud."


During the last six months of 2007, 11,253 site-specific cross-site scripting vulnerabilities were documented, compared to 6,961 between February and June in the first half of the year.

Table 1. Site-specific Vulnerabilities
Source: Symantec Corporation

Reference:
Internet Security Threat Report - Symantec Corp.

Related News:
http://news.bbc.co.uk/2/hi/technology/7345990.stm - "Hackers exploit poor website code" - 14 April 2008


        