Websense Unveils ReportWebsense Unveils Report
Report reveals increase in malicious sites using code from easy-to-use toolkits designed for criminals with no hacking experience
October 3, 2006
SAN DIEGO -- Websense, Inc. (NASDAQ: WBSN), a global leader in web security and web filtering productivity software, today announced the release of the WebsenseR Security LabsT 2006 Semi-Annual Web Security Trends Report, which summarizes findings for the first half of 2006 and presents projections for the remainder of 2006. The report shows that the volume of attacks increased and malicious code became more covert, less recognizable and more targeted toward financial gain.
Not only has malicious code become more sophisticated, but the infrastructure supporting its creation and spread has also become more complex. Of the sites designed to steal credentials, almost 15 percent are derived from toolkits, an emerging tactic from the hacker community. These kits, made by professional malicious code writers, are often for sale on the internet and allow non-sophisticated users to launch sophisticated attacks against operating system exploits and vulnerabilities.
The criminal motive of attacks has also become more apparent as traditional hacking for fun has been replaced with activities designed to steal confidential data to reap financial rewards. The report notes a 100 percent increase in sites designed to install keyloggers, screen scrapers and other forms of crimeware. Conversely, Websense has seen more than a 60 percent drop in websites designed merely to change user preferences, such as browser settings.
In the first half of 2006, Websense successfully identified and mitigated several new high-profile exploits and widespread web attacks including the continued assault on the Microsoft Windows Metafile (WMF) vulnerability and the Internet Explorer "zero-day" create text vulnerability.
"Websense Security Labs continues to be on the forefront of discovering advanced web-based attacks and techniques. The growth of toolkits is allowing criminals, who may not be versed in writing malicious code, the ability to launch highly sophisticated attacks with minimal effort or expertise," said Dan Hubbard, vice president of security research for Websense. "In addition to protecting against web-based threats such as keyloggers or spyware, Websense profiles these attacker toolkits to proactively protect organizations from these kits before a wave of attacks is triggered."
Websense Inc. (Nasdaq: WBSN)
Read more about:2006
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
9 Traits You Need to Succeed as a Cybersecurity Leader
The Ultimate Guide to the CISSP
Selling Breaches: The Transfer of Enterprise Network Access on Criminal Forums
2022 Insurance Industry Cyber Threat Landscape Report
Protecting Critical Infrastructure: The 2021 Energy, Utilities, and Industrials Cyber Threat Landscape Report