Vulnerabilities / Threats

12/30/2009
10:21 AM
50%
50%

Adobe To Surpass Microsoft As Hacker Target

McAfee says Adobe Reader and Flash will top Microsoft Office as the favorite target of cybercriminals in 2010.

Adobe Reader and Flash will surpass Microsoft Office applications as favorite targets of cybercriminals, a security vendor predicted Tuesday.

In unveiling its 2010 Threat Predictions report, McAfee said the growing popularity of the Adobe products has attracted the attention of cybercriminals, who have been increasingly targeting the applications. Adobe Reader and Flash are two of the most widely deployed applications in the world.

As a result of Adobe's success in client software, McAfee Labs believes "Adobe product exploitation will likely surpass that of Microsoft Office applications in 2010."

Security experts for quite a while have warned of the potential security risk posed by Flash. In November, Foreground Security identified a flaw in the way Web browsers handle Flash files that could be used to compromise Web sites that have users submit content.

Beyond Adobe, cybercriminals are also expected to step up efforts next year to crack social networking sites, as well as third-party applications in general. Internet users can expect crooks to use more complex Trojans and botnets to build and execute attacks and to take advantage of HTML 5 to create threats. HTML 5 is the next major revision of hypertext markup language, the core markup language of the Web.

"We're now facing emerging threats from the explosive growth of social networking sites, the exploitation of popular applications, and more advanced techniques used by cybercriminals, but we're confident that 2010 will be a successful year for the cybersecurity community," Jeff Green, senior VP of McAfee labs, said in a statement.

Facebook, Twitter, and the third-party applications that incorporate the social networks have given criminals new technologies to target and exploit. In 2010, users will be most vulnerable to "rogue apps" distributed by criminals across the networks and to crooks that use the names of people on friends lists to get victims to click on unfamiliar links they might otherwise avoid, McAfee said. In addition, the use of abbreviated URLs on sites like Twitter will make it easier for cybercriminals to mask and direct users to malicious Web sites.

The technological advancements of HTML 5 are expected to shift more computing activity from the desktop to online applications. The technology's cross-platform support will make it easier for attackers to reach users across all mainstream browsers, McAfee said.

More sophisticated Trojans will make it possible to make unauthorized withdrawals from online banking accounts that stay below transaction limits, thereby making those withdrawals more difficult for banks to spot. E-mail attachments are expected to remain the most widely used Trojan distribution method, so users can avoid infection by checking on the safety of an attachment before clicking on it.

Regarding botnets, McAfee expects attackers in 2010 to adopt peer-to-peer control, a distributed and resilient botnet infrastructure, rather than the centralized hosting model seen today. The additional cost of the peer-to-peer model is expected to be outweighed by better success against the security community's increasingly aggressive techniques in shutting down and denying access to botnets.

Botnets typically refer to networks of computers that contain malicious software that places the host computer in the control of cybercriminals. The applications, called bots, are secretly deployed through Trojans or exploiting vulnerabilities in Web browsers and other Internet-enabled applications.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrust,  5/16/2018
Don't Roll the Dice When Prioritizing Vulnerability Fixes
Ericka Chickowski, Contributing Writer, Dark Reading,  5/15/2018
Why Enterprises Can't Ignore Third-Party IoT-Related Risks
Charlie Miller, Senior Vice President, The Santa Fe Group,  5/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Security through obscurity"
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11232
PUBLISHED: 2018-05-18
The etm_setup_aux function in drivers/hwtracing/coresight/coresight-etm-perf.c in the Linux kernel before 4.10.2 allows attackers to cause a denial of service (panic) because a parameter is incorrectly used as a local variable.
CVE-2017-15855
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, the camera application triggers "user-memory-access" issue as the Camera CPP module Linux driver directly accesses the application provided buffer, which resides in u...
CVE-2018-3567
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WLAN while processing the HTT_T2H_MSG_TYPE_PEER_MAP or HTT_T2H_MSG_TYPE_PEER_UNMAP messages.
CVE-2018-3568
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, in __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can potentially occur.
CVE-2018-5827
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WLAN while processing an extscan hotlist event.