At 91%, Java Accounts For The Highest Number Of Web Exploits [Report]


At 91%, Java Accounts For The Highest Number Of Web Exploits [Report]

Increasing complexity of threats and solutions due to rapid growth in intelligent mobile device adoption and cloud computing is providing for a greater attack surface than ever before, according to a new report.

Amongst mobile devices, 91% of all mobile malware in 2013 targeted Android devices. Android users also have the highest encounter rate (71%) with all forms of web-delivered malware. New classes of devices and new infrastructure architectures offer attackers opportunities to exploit unanticipated weaknesses and inadequately defended assets, the Annual Security Report 2014 by Cisco said.

Anatomy of a threat

Here are some key insights from the report

  • Java comprises 91% of web exploits; 76% of companies using Cisco Web Security services are running Java 6, an end-of-life, unsupported version.

  • Malicious exploits are gaining access to web hosting servers, name-servers, and data centers. This suggests the forming of überbots that seek high-reputation and resource-rich assets.

  • Buffer errors are a leading threat, at 21% of the Common Weakness Enumeration (CWE) threat categories.

  • Malware encounters are shifting toward electronics manufacturing and the agriculture and mining industries at about six times the average encounter rate across industry verticals.

top themes

  • Spam continues its downward trend, although the proportion of maliciously intended spam remains constant.

  • At 64% Trojans are the most common malware, followed by adware.

Cisco evaluates 16 billion web requests and 93 billion emails through its Cloud Web Security and email solutions every day.

Leave your thought here