ENISA summarizes 120 threat reports, identifies top trends
Posted on 08 January 2013.
The EU's cyber security agency ENISA has published the first Cyber Threat Landscape analysis of 2012, summarizing over 120 threat reports.

The report identifies and lists the top threats and their trends, and concludes that drive-by exploits have become the top web threat.

The report summaries 120 recent reports from 2011 and 2012 from the security industry, networks of excellence, standardization bodies and other independent parties, making the report the world’s most comprehensive synthesis presently available.

The report provides an independent overview of observed threats and threat agents together with the current top threats, and emerging threats trends landscapes. Moreover, the Threat Landscape report analyses the “cyber enemy”; identifying and also listing the top ten (out of a total of sixteen) threats in emerging technology areas.

The identified top ten threats are:
  • Drive-by exploits (malicious code injects to exploit web browser vulnerabilities)
  • Worms/trojans
  • Code injection attacks
  • Exploit kits (ready to use software package to automate cybercrime)
  • Botnets (hijacked computers that are remotely controlled)
  • (Distributed) Denial of Service attacks (DDoS/DoS)
  • Phishing (fraud mails and websites)
  • Compromising confidential information (data breaches)
  • Rogueware/scareware
  • Spam.
Finally, the Agency makes a number of conclusions for industry and stakeholders on how to better fight cyber threats to business, citizens and the digital economy at large:
  • Use a common terminology within threat reports
  • Include the end-user perspective
  • Develop use cases for threat landscapes
  • Collect security intelligence of incidents including starting point and target of an attack
  • Perform a shift in security controls to accommodate emerging threat trends
  • Collect and develop better evidence about attack vectors (methods) so as to understand attack workflows
  • Collect and develop better evidence on the impact reached by attackers
  • Collect and maintain more qualitative information about threat agents.





Spotlight

Email scammers stole $215M from businesses in 14 months

Posted on 29 January 2015.  |  In 14 months there have been nearly 1200 US and a little over 900 non-US victims of BEC scams, and the total money loss reached nearly $215 million.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Jan 30th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //