Vulnerabilities / Threats
12/30/2009
10:21 AM
Connect Directly
RSS
E-Mail
50%
50%

Adobe To Surpass Microsoft As Hacker Target

McAfee says Adobe Reader and Flash will top Microsoft Office as the favorite target of cybercriminals in 2010.

Adobe Reader and Flash will surpass Microsoft Office applications as favorite targets of cybercriminals, a security vendor predicted Tuesday.

In unveiling its 2010 Threat Predictions report, McAfee said the growing popularity of the Adobe products has attracted the attention of cybercriminals, who have been increasingly targeting the applications. Adobe Reader and Flash are two of the most widely deployed applications in the world.

As a result of Adobe's success in client software, McAfee Labs believes "Adobe product exploitation will likely surpass that of Microsoft Office applications in 2010."

Security experts for quite a while have warned of the potential security risk posed by Flash. In November, Foreground Security identified a flaw in the way Web browsers handle Flash files that could be used to compromise Web sites that have users submit content.

Beyond Adobe, cybercriminals are also expected to step up efforts next year to crack social networking sites, as well as third-party applications in general. Internet users can expect crooks to use more complex Trojans and botnets to build and execute attacks and to take advantage of HTML 5 to create threats. HTML 5 is the next major revision of hypertext markup language, the core markup language of the Web.

"We're now facing emerging threats from the explosive growth of social networking sites, the exploitation of popular applications, and more advanced techniques used by cybercriminals, but we're confident that 2010 will be a successful year for the cybersecurity community," Jeff Green, senior VP of McAfee labs, said in a statement.

Facebook, Twitter, and the third-party applications that incorporate the social networks have given criminals new technologies to target and exploit. In 2010, users will be most vulnerable to "rogue apps" distributed by criminals across the networks and to crooks that use the names of people on friends lists to get victims to click on unfamiliar links they might otherwise avoid, McAfee said. In addition, the use of abbreviated URLs on sites like Twitter will make it easier for cybercriminals to mask and direct users to malicious Web sites.

The technological advancements of HTML 5 are expected to shift more computing activity from the desktop to online applications. The technology's cross-platform support will make it easier for attackers to reach users across all mainstream browsers, McAfee said.

More sophisticated Trojans will make it possible to make unauthorized withdrawals from online banking accounts that stay below transaction limits, thereby making those withdrawals more difficult for banks to spot. E-mail attachments are expected to remain the most widely used Trojan distribution method, so users can avoid infection by checking on the safety of an attachment before clicking on it.

Regarding botnets, McAfee expects attackers in 2010 to adopt peer-to-peer control, a distributed and resilient botnet infrastructure, rather than the centralized hosting model seen today. The additional cost of the peer-to-peer model is expected to be outweighed by better success against the security community's increasingly aggressive techniques in shutting down and denying access to botnets.

Botnets typically refer to networks of computers that contain malicious software that places the host computer in the control of cybercriminals. The applications, called bots, are secretly deployed through Trojans or exploiting vulnerabilities in Web browsers and other Internet-enabled applications.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0640
Published: 2014-08-20
EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to bypass intended restrictions on resource access via unspecified vectors.

CVE-2014-0641
Published: 2014-08-20
Cross-site request forgery (CSRF) vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to hijack the authentication of arbitrary users.

CVE-2014-2505
Published: 2014-08-20
EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to trigger the download of arbitrary code, and consequently change the product's functionality, via unspecified vectors.

CVE-2014-2511
Published: 2014-08-20
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the (1) startat or (2) entryId parameter.

CVE-2014-2515
Published: 2014-08-20
EMC Documentum D2 3.1 before P24, 3.1SP1 before P02, 4.0 before P11, 4.1 before P16, and 4.2 before P05 does not properly restrict tickets provided by D2GetAdminTicketMethod and D2RefreshCacheMethod, which allows remote authenticated users to gain privileges via a request for a superuser ticket.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Dark Reading continuing coverage of the Black Hat 2014 conference brings interviews and commentary to Dark Reading listeners.