Highlights from the 2016 HPE Annual Cyber Threat Report
HP released their annual report for 2016 that covers a broad range of information (96 pages) in various sectors and industries. The report is divided in 7 themes, those that appear the most interesting to me are Theme #5: The industry didn’t learn anything about patching in 2015 and Theme #7: The monetization of malware.
Theme #5
According to this report, the bug that was the most exploited in 2014 was still the most exploited last year which is now over five years old. CVE-2010-2568 where a "[...] local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file , which is not properly handled during icon display in Windows Explorer, as demonstrated in the wild in July 2010 [...]" [2] is still the top vulnerability for 2015 (29% in 2015 vs. 33% in 2014), see the pie chart on page 32 showing the Top 10 CVE for 2015, where the oldest CVE is from 2009. The Top 3 targeted applications and platform where: Windows, Android and Java which isn’t a huge surprise.
Theme #7
This doesn't sound really new and not that surprising, in 2015 malware needed to produce revenues. HP noted a significant increase in malware targeting ATM, banking Trojans and ransomware targeting every operating systems in particular smartphones. Some of the well-known ransomware families include Cryptolocker and Cryptowall where the malware author will request a ransom to decrypt password encrypted files but once paid often fail to provide the key. Obviously, the best protection is to regularly backup your files (and more importantly test the backup as well) in case you ever get caught by this.
[1] http://techbeacon.com/resources/2016-cyber-risk-report-hpe-security
[2] https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2568
-----------
Guy Bruneau IPSS Inc.
Twitter: GuyBruneau
gbruneau at isc dot sans dot edu
Comments
www
Nov 17th 2022
6 months ago
EEW
Nov 17th 2022
6 months ago
qwq
Nov 17th 2022
6 months ago
mashood
Nov 17th 2022
6 months ago
isc.sans.edu
Nov 23rd 2022
6 months ago
isc.sans.edu
Nov 23rd 2022
6 months ago
isc.sans.edu
Dec 3rd 2022
6 months ago
isc.sans.edu
Dec 3rd 2022
6 months ago
<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure. The social networks are not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go.
<a hreaf="https://technolytical.com/">the social network</a> is not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go. The social networks only collect the minimum amount of information required for the service that they provide. Your personal information is kept private, and is never shared with other companies without your permission
isc.sans.edu
Dec 26th 2022
5 months ago
isc.sans.edu
Dec 26th 2022
5 months ago