Feeds

Firefox and Mac security sanctuaries 'under attack'

Symantec attacks sacred cows

Website security in corporate America

Symantec has attacked the perceived security advantages of Firefox and Apple Macs by drawing unfavourable comparisons with Microsoft's software and describing Mac fans as living in a "false paradise". According to the latest edition of Symantec's Internet Security Threat Report, 25 vulnerabilities were disclosed for Mozilla browsers and 13 for Microsoft Internet Explorer in the first half of 2005.

Graham Pinkney, head of threat intelligence EMEA at Symantec, said that switching from IE to Firefox as a way of minimising security risks was no longer valid advice. "Cross-site scripting attacks have been used to attack more vulnerabilities in Mozilla browsers over the last six months than IE," Pinkney told an IDC security conference last week ahead of the publication of Symantec's threat report today. John Cheney, chief executive of email filtering firm BlackSpider, replied that the release of Firefox had "helped Microsoft to raise its game" in terms of browser security.

As well as making comments that will doubtless irk Firefox fans, Symantec has renewed its assault of the perceived security advantages of Apple Macs. "Mac users may be operating under a false sense of security as a noteworthy number of vulnerabilities and attacks were detected against Apple Mac’s operating system, OS X," Symantec said, reflecting comments in the previous edition of its threat report that OS X was an emerging target for attack.

"While the number of vendor-confirmed vulnerabilities in OS X has remained relatively constant during the last two reporting periods [12 months], Symantec predicts this could change in the future. Symantec’s analysis on a rootkit (OSX/Weapox) reveals it is designed to take advantage of OS X. This particular trojan demonstrates that as OS X increases in popularity, so too will the scrutiny it receives from potential attackers."

Away from the desktop, Microsoft enterprise applications remain the top hacker target. For the fourth consecutive reporting period, the Microsoft SQL Server Resolution Service Stack Overflow Attack was the most common attack, accounting for 33 per cent of all attacks monitored by Symantec.

Malware authors go modular

Malicious code threats to privacy and confidentiality increased rapidly in the first six months of 2005 - up 48 per cent on the back half of 2004. Virus writers upped their production lines to release 10,866 new Windows virus and worm variants in the first six months of this year, Symantec reports.

For the second period in succession, NetSky-P was the most reported malicious code sample. Gaobot and Spybot - both linked to the creation of zombie networks of compromised Windows PCs - were the second and third most reported.

Malware that exposes confidential user information represented three-quarters (74 per cent) of the top 50 malicious code samples received by Symantec. Seven of the top 50 were linked to the creation of botnets. Websites that specialise in distributing source code and tools for malicious bots and botnets helped fuel the creation of multiple copies of Spybot with 6,361 new variants of the malware created in the first half of 2005, a 48 per cent increase over the 4,288 new variants documented in the second half of 2004.

Instead of releasing a wide range of functions in one program or file, virus writers are beginning to create modular code to avoid detection. Once installed, modular malware first tries to disable antivirus software and firewall protection and then trieas to download other pieces (or modules) of code from compromised computers across the internet.

A patch in time...

Symantec chronicled 1,862 new vulnerabilities during 1H2005 - an average of 10 new flaws a day – 73 per cent of which it categorises as easily exploitable. The time between the disclosure of a vulnerability and the release of an associated exploit was just six days. Half (59 per cent) of vulnerabilities were associated with web application technologies.

Along with computer viruses and vulnerabilities, spam remains a leading security concern. Spam accounted for 61 per cent of all email traffic in the first half of 2005, according to Symantec, with over half (51 per cent) of all junk mail received worldwide originated in the US. ®

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.