| Top
Security News |
A
Worm In The Apple
Abingdon, England-based SophosLabs discovered a worm in the Apple OS X platform.
The virus named OSX/Leap-A or OSX/Oompa-A moves through instant messaging, specifically,
the iChat client.
Brazilian
Hacker Smash
Brazilian authorities raided a phishing scam, arresting 55 people, in which authorities believe millions of dollars were stolen...
NCSA
Examines 2006 Cyber Threats
In conjunction with the Department of Homeland Security (DHS), the National Cyber Security Alliance (NCSA) announced their Internet threat list for 2006 and online best practices to help protect consumers from online threats...
Croatian
Crashes BitDefender For Beer, Vampires
Security software company BitDefender recently held a contest called "Crash and Win," inviting Linux junkies to take a shot at their beta version of Mail Protection for Enterprises product...
China
Can’t Deal With Pirates
Most of the time, pirates in any venue are looked down upon. Those who spread
secrets aren't always the good guys.
New
Danish Websites Hacked
Muslim hackers continue their retaliatory assault on Danish websites over the political cartoons run in Danish newspapers last year and more recently in other European publications...
Olympic
Computer Viruses
The Olympics is meant to be a symbol of international cooperation and goodwill.
Hundreds of athletes from all over the world compete in the winter and summer
Olympic games.
Microsoft
Shows New Firewall Beta
Microsoft's been putting out some eye candy leading up to next week's RSA Conference.
They opened the shades on their new ISA 2006 firewall public beta
|
|
|
|
|
Everyone knows spyware on the Internet is a huge problem. There's tons of malicious
software out there solely for the purpose of gleaning information on various users.
And they do. A recent study done at the University of Washington explains just
how much is out there and it's not pretty. The problem is nearly all of this is
for Internet Explorer (IE) alone.
The study (pdf) done by the Department of Computer Science and Engineering at the University of Washington went into great detail and determined 1.5% of the 18 million URLs they crawled exploited flaws in IE. That's one in every 67 websites.
The large-scale, longitudinal study was conducted over the web using a crawler. The crawl sampled both executables and conventional web pages for maliciousness. The study, started in May 2005, found spyware in 13.4% of the 21,200 executables identified. They also found scripted "drive-by-download" attacks in 5.9% web pages processed. The study quantifies the density of spyware, the types of threats, and the most dangerous web zones in which spyware is likely to be encountered.
They also went into the frequency with which specific spyware programs were found and they measure the density of spyware over time, crawling again in October 2005. One thing noticed was the significant reduction in the presence of drive-by download attacks vs. those in May.
The methodology was used conducting the two studies. In each case, they began from scratch, generating lists of crawling seeds from the Google directory and the results of category specific keyword searches. They said each crawl represented a partial view of the web, informed in part by Google's page rankings at that moment in time. That way, they were allowed to follow time-based trends of executable spyware in the Internet.
The biggest limit to this study was AdAware. Once they did all the crawling, they based their information on what AdAware was able to detect as a threat. While there are a number of anti-spyware programs available, many of them do have problems for various reasons. One would be curious to see what other anti-spyware programs would turn up for purposes of the study.
Some information about their research turned up:
Our crawl found a total of 2,834 infected executables in May and 1,294 in October. However, thos infected executable contained only 82 (May) and 89 (October) different spyware programs; the total number of distinct spyware threats we encountered is relatively small.
[…]
Most spyware programs are rare; during our May 2005 crawl, only 15 spyware programs were found that were present in more than twenty infected executables. However, the most prevalent programs appeared very frequently: we detected 364 executables in October. This data suggests that signature-based anti-spyware techniques should be effective, as relatively few spyware variants are commonly encountered when Web browsing.
Read
the Full Article
About
the Author:
John Stith is a technology writer with SecurityProNews. |
|
,
Inc. 2549 Richmond Rd. Lexington KY, 40509
