Threat Level: green Handler on Duty: Daniel Wesemann

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Sophos 2012 Security Threat Report

Published: 2012-02-03
Last Updated: 2012-02-03 22:34:15 UTC
by Guy Bruneau (Version: 1)
0 comment(s)

Last week Sophos released it 2012 Security Threat Report which highlighted some key finding from 2011:

- Smartphones and tablets causing significant security challenges
- Major data breaches and targeted attacks on high-profile companies and agencies
- Hacktivism -> A shift from hacking for money to hacking as a form of protest or to prove a point
- Conficker worm is still the most commonly encountered pieces of malicious software seen is Sophos customers
- Fake antivirus software is still the most common type of malware but in second half of the year appears to be on the decline
- Spearphishing attacks on the rise

Despite all this, some successes "On March 16, 2011 a coordinated effort known as Operation b107 between Microsoft, FireEye, U.S. federal law enforcement agents and the University of Washington knocked Rustock offline." [1] The entire report available here.

Handler Mark published a diary on some of the things to take in consideration "When your service provider has a breach". [3]

[1] http://www.sophos.com/en-us/security-news-trends/reports/security-threat-report/html-07.aspx
[2] http://www.sophos.com/en-us/security-news-trends/reports/security-threat-report/html-01.aspx
[3] https://isc.sans.edu/diary.html?storyid=10651
[4] http://www.sophos.com/medialibrary/PDFs/other/SophosSecurityThreatReport2012.pdf

Data breach diaries reported by ISC in 2011:

[1] Wordpress.com https://isc.sans.edu/diary.html?storyid=10729
[2] RSA Breach https://isc.sans.edu/diary.html?storyid=10609
[3] Lockheed Marting https://isc.sans.edu/diary.html?storyid=10939
[4] Sega Pass https://isc.sans.edu/diary.html?storyid=11065
[5] SonyPictures https://isc.sans.edu/diary.html?storyid=10996
[6] DigiNotar SSL Breach (result = bankruptcy) https://isc.sans.edu/diary.html?storyid=11479
[7] GlobalSign https://isc.sans.edu/diary.html?storyid=12205
[8] Stratfor Global Intelligence https://isc.sans.edu/diary.html?storyid=12271

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

Keywords: 2012 Sophos
0 comment(s)
Diary Archives