The Cisco 2014 Midyear Security Report, released today at Black Hat, examines the “weak links” in organizations - outdated software, bad code, abandoned digital properties, or user errors - that contribute to the adversary’s ability to exploit vulnerabilities with methods such as DNS queries, exploit kits, amplification attacks, point-of-sale (POS) system compromise, malvertising, ransomware, infiltration of encryption protocols, social engineering and “life event” spam.
A new malware that researchers have dubbed Mayhem is being used to target Linux and Unix web servers and has so far compromised over 1,400 Linux and FreeBSD servers around the world, warn researchers from Russian Internet giant Yandex.
"According to industry estimates, botnets have caused over $9 billion in losses to US victims and over $110 billion in losses globally.
Although the GameOver Zeus botnet and CryptoLocker ransomware have been disrupted, it is still too early for a victory celebration.
Since late 2012, a group of researchers from UC Santa Barbara and RWTH Aachen University has been working on finding out the relations that exist between the different actors in the spam ecosystem, in the hope of providing information about bottlenecks and critical points in the spamming pipeline that will aid anti-spam efforts.