Analyst Reports & Industry Surveys

Mass injection web hacks yield to targeted attacks

Angela Moscaritolo February 05, 2010

During the second half of 2009, attackers shifted their strategy away from mass-injection campaigns and instead focused on launching targeted attacks to infect high-profile websites, Websense found in a new report.
 

Report says U.S. needs new approach for security

Angela Moscaritolo February 01, 2010

A new report authored by retired Gen. Eugene Habiger of the U.S. Air Force finds that the public and private sectors must deploy secure systems that are properly tested and certified to withstand sophisticated cyberattacks.
 

New report finds Adobe programs most at risk

Dan Kaplan December 17, 2009

Adobe's popular programs — Acrobat, Flash Player, Reader and Shockwave Player — top the list of the most vulnerable applications in 2009, according to a report released Wednesday by security firm Bit9. All four applications had vulnerabilities rated "high," which means hackers could have executed arbitrary code. Apple QuickTime, Mozilla Firefox, Opera, RealPlayer, Sun Java and Trillian followed on the list, created from stats in the National Institute of Standards and Technology's (NIST) vulnerability database. All apps on the list rely on the end-user, not an IT administrator, to patch. — DK
 

Report finds enterprises failing to protect sensitive data

Angela Moscaritolo December 09, 2009

Just 40 percent of respondents in a recent survey said all of their organization's sensitive data is adequately secured.
 

Security spend to rise

Angela Moscaritolo December 09, 2009

IT spending is likely to increase for many organizations in 2010, according to a survey released last week by investment bank Pacific Crest Securities. In the survey of 80 CIOs, 71 percent of respondents said they plan to increase their 2010 IT budgets, with server investment ranking as the top priority, followed by security. Forty-eight percent of respondents, meanwhile, said security spending is likely to increase the most on a dollar basis in 2010. — AM
 

Web attacks are financial boon for crooks, Cisco finds

Angela Moscaritolo December 08, 2009

Spam and spyware still are profitable for cybercriminals, but the big money is in banking trojans and other web exploits, Cisco's annual security report has found.
 

Cameroon, China riskiest country domains, McAfee finds

Dan Kaplan December 02, 2009

A small nation in Africa is responsible for the riskiest domain space on the internet, according to new McAfee research.
 

Gov't executives cite unstructured data as top concern

Angela Moscaritolo November 18, 2009

Seventy-nine percent of federal government IT executives surveyed recently said unstructured data increases the security risk within their organization.
 

Survey finds Mac, PC users are equal cybercrime victims

Dan Kaplan November 17, 2009

Because of phishing, operating a Mac yields no more protection from cybercrime than running a Windows machine, according to a survey conducted by security firm ESET.
 

Spam volume reaches new all-time high at 92 percent

Angela Moscaritolo November 03, 2009

During the third quarter of the year, spam accounted for 92 percent of all email on average, which breaks the previous record-high volume set during the second quarter of 2009.
 

Worm outbreaks climb, finds Microsoft threat report

Angela Moscaritolo November 02, 2009

Worms rose from being the fifth most prevalent type of malware worldwide during the second half of 2008 to the second most prevalent cyberthreat during the first half of 2009, according to Microsoft.
 

Data breach alerts linked to increased risk of ID theft

Angela Moscaritolo October 28, 2009

Consumers who have received a data breach notification letter face a much higher risk of identity theft, according to a recent survey.
 

Survey finds lax health care privacy in United States

Chuck Miller October 20, 2009

Despite regulations mandating protection of health care records, more than half of American hospitals fail to take appropriate steps to safeguard the privacy of patients, according to a new survey of health care IT security professionals.
 

Symantec finds rogue AV to be well-oiled profit machine

Dan Kaplan October 19, 2009

A new Symantec report released Monday reveals a booming marketplace for criminals involved in installing bogus anti-virus products on victim computers.
 

Payload spam volume rockets to new heights

Chuck Miller October 02, 2009

After leveling off during the past two years, the amount of spam laden with virus payloads has spiked, according to a new report.
 

Facebook cuts off accounts spreading rogue anti-virus

Dan Kaplan October 02, 2009

On the same day that the Internet Crime Complaint Center issued an alert on the ongoing dangers of social networking fraud, a computer security researcher reported on a new Facebook threat in which scores of fake member profiles were attempting to push rogue anti-virus programs.
 

Majority think outsourcing threatens network security

Angela Moscaritolo September 29, 2009

Sixty-nine percent of respondents in a recent survey said they believe outsourcing negatively impacts network security.
 

Gartner finds IT security spending up eight percent

Dan Kaplan September 21, 2009

The global software security market still is growing despite a far-reaching recession.
 

Hackers rest over summer, pounce during Christmas

Chuck Miller August 25, 2009

Much like average American workers, hackers tend to take off during the summer -- and weekends -- but come Christmas and New Year's, they are out in full force.
 

Malware designed to steal IDs increased 600 percent

Greg Masters August 20, 2009

The number of users victimized by malware specifically intended to rob personally identifiable information leapt 600 percent this year.
 

2010 budgets to fund app security and DLP, study shows

Angela Moscaritolo August 04, 2009

If security budgets go up next year, pros will be using the additional cash to buy application security and DLP technologies, a new study shows.
 

Researchers simulate a botnet of 1 million zombies

Angela Moscaritolo July 31, 2009

Computer scientists working for the U.S. Department of Energy announced this week that they have been able to create a simulated botnet consisting of more than one million machines.
 

Study finds more breaches

Angela Moscaritolo July 13, 2009

Eighty-five percent of organizations have experienced a data breach in the past 12 months -- up slightly from 84 percent a year ago, according to a fourth-annual encryption trends study released Monday by the Ponemon Institute and encryption vendor PGP. The study of 997 IT business managers, analysts and executives in the U.S. also found that 22 percent of organizations have experienced at least five security breaches within the past year -- a rise from 13 percent of respondents last year. — AM
 

Researchers guess SSNs

Dan Kaplan July 07, 2009

Researchers at Carnegie Mellon this week released a study showing how they were able to predict Social Security numbers by using statistical patterns and publicly available birth information. Alessandro Acquisti and Ralph Gross, who plan to present their findings at this month's Black Hat conference in Las Vegas, said they were able to correctly predict the first five digits of 44 percent of individuals born after 1988 and who died before 2003. The ease with which the numbers can be predicted could give rise to identity theft, the pair said. The problem can be fixed by the government moving to a "randomized assignment scheme." — DK
 

Security market revenue up

Dan Kaplan June 25, 2009

Bucking economic trends, the global security software market saw a 19 percent growth in revenue last year -- totaling $13.5 billion, according to a Gartner report released this week. One of the major reasons for the rise was an increased interest in appliance products for email and web security and security and event management. Key drivers for purchases were data protection against targeted attacks, privacy and compliance. Symantec remains the top revenue producing company, but smaller vendors gradually are gaining market share. — DK
 

Criminal network to trade botnets and malware uncovered

Dan Kaplan June 17, 2009

Researchers at a web security firm have discovered what they term the latest milestone in the evolving cybercriminal underground: a one-stop-shop for hackers.
 

Malicious attacks increase

Dan Kaplan June 17, 2009

The number of breaches caused by insider malfeasance or hacker attacks is creeping upward, according to the nonprofit Identity Theft Resource Center. The organization said Tuesday that 18.5 percent of 250 breaches reported to the center so far this year were related to insider theft, compared to 15 percent last year and six percent in 2007. Similarly, the number of incidents caused by hackers rose to 18 percent this year, compared to 12 percent in 2008 and 14 percent in 2007. Combined, the two categories represent a 10 percent hike over last year. - DK
 

Survey finds hiring hurdles

Dan Kaplan June 04, 2009

Despite there being a surplus of available security professionals due to the down economy, 80 percent of hiring managers are having a tough time finding the right person, said a survey released Wednesday by accreditation provider (ISC)2. Respondents blamed the difficulty on a lack of desired skills, lack of available recruits within a certain area and salary demands that could not be met due to tight budgets. But the survey also found that 62 percent of respondents don't expect future budget cuts this year. — DK
 

Nonprofit releases security configuration standards for iPhone

Dan Kaplan May 29, 2009

Organizations issuing iPhones to their employees can now apply security configuration best practices, which were introduced this week by the Center for Internet Security.
 

McAfee documents riskiest search terms

Dan Kaplan May 28, 2009

Be wary while searching the internet for screensavers or lyrics -- or anything free, for that matter, according to a new report from McAfee.