Highlight of Survey Related to Issues Affecting Businesses in 2010

Participate: Learn more about our honeypot network
https://isc.sans.edu/tools/honeypot/

Handler on Duty: Johannes Ullrich

Threat Level: green

Highlight of Survey Related to Issues Affecting Businesses in 2010
Now that we are getting close to the 2010 year end, I posted a survey last week on "Which of the following issues affected your business in 2010?". At the beginning of the survey, "Targeted malware attacks" were on top around 40% which wasn't really any surprise because of all the new malware found daily. However, things turnaround at the end of this week and malware dropped to #2 and Inbound DDoS attacks has been climbing well above 50%. I looked over the diaries posted by all handlers in 2010 for some stories related to parts of this survey. Inbound DDoS attack In September, ISC published a diary related to a series of DDoS attacks released by the Shadowserver on the BlackEnergy bot. The diary is posted here. Enterprise wide DoS In April, an issue with a McAfee DAT file caused widespread corporate DoS believing that "svchost.exe" was a piece of malware named W32/Wecorl.a. A lot of people had to work overtime to restore a clean svchost.exe file to the affected hosts. The diary is posted here. Data lost through mobile devices In January, ISC made reference to a fake Android application that was stealing user password. The diary is posted here. Targeted malware attacks In April, ISC reported a targeted malware scams in an enterprise were all the targeted individuals were handling money and had a LinkedIn profile. The diary is posted here. Another was on a "Legal Threat“ malware on contract terms breached and the diary is posted here. If you want to comment on any of the six point in the survey, you can contact us using our contact page here. ----------- Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org	Guy 528 Posts ISC Handler Dec 20th 2010
Thread locked Subscribe	Dec 20th 2010 1 decade ago