Observations of the Trends and Statistics that Shaped Cybersecurity in 2015
Now in its fourth year of publication, the 2016 Global Threat Intelligence Report (GTIR) highlights observations and details about global threats. In this year’s report we continue tracking trends that have affected our clients over the last few years, as well as identifying the new threats that presented themselves in 2015.
This year’s GTIR provides actionable intelligence, guidance about what attackers are doing, and comprehensive security controls designed to disrupt attacks. Controls recommended in this report will contribute to an organization’s survivability and resiliency in the face of an attack.
To develop this year’s annual report, we collaborated with several well-respected organizations, including Lockheed Martin, Recorded Future, Wapack Labs, and the Center for Internet Security. These contributors provided key feedback and observations from their unique perspectives of the cyber...
Flash continues to pose a significant threat
Again with the Flash.
It seems like only yesterday I wrote a blog about a critical patch for Adobe Flash Player. And suddenly this week we have more. Yeah, not only is it yet another Flash vulnerability, it is multiple CVEs, with CVSS scores of 10, with a high impact (execute arbitrary code or DoS), and simple to exploit. Actually, given the way Flash has been doing so far this year, it seems more like “about every 35.5 hours” we would see a new Flash vulnerability.
Think about that.
“Every 35.5 hours.”
Actively patching can help remove active, known vulnerabilities
There is no “silver bullet” to security. No single security control will answer all of our security woes.
But, time and time again, we hear of vulnerabilities which are affecting organizations right now. A good example is the Adobe Flash Player vulnerability (CVE-2015-3113). If you check the details for the vulnerability, you can see that it has a CVSS score of 10. You can also see that it has been actively exploited in the wild, meaning attackers have been using it, and are using it right now.
This is a client system vulnerability. Adobe Flash Player runs on the user workstation. We all know that it can be difficult to keep all systems current, especially in a heterogeneous, geographically distributed environment.
But, Adobe has released a patch for this vulnerability, and applying that patch can remove a current, known threat from your environment. For more...
An alternate take on the snake
I guess it is time to take off my shoes, because I have run out of fingers to count the number of times I read "OMG THIS IS THE NEXT HEARTBLEED!" for normal vulnerabilities.
Marketing firms have definitely figured out how to promote their researchers' activities:
Scary Name + Cool Logo == Unique Hit Counts == KPI met on your next review
I get it. I totally do. It becomes an issue, however, when every blog site picks it up and people start getting freaked out about relatively normal things.
- New vulnerabilities occur all the time
This includes high, medium and low priority vulnerabilities. Some are pretty bad, allowing for sensitive information disclosure, denial of service, or remote code execution. Most software engineers are not magicians who create perfect code every time. Even those who are have their code pieced together with the work of others, resulting in unintended...
Report Based on Analysis of Over Six Billion Attacks in 2014
What do you get when you look at trillions of log lines which cover over 6 billion attacks, and information from over 18,000 global customers, combine that with data from hundreds of honeypots, then apply analysis and research from over 1300 security researchers and analysts?
This report includes even more global data than last year’s report. More vulnerability data. More attack data. And more real information from clients, including practical case studies. All of this data helped NTT Group focus on security issues which truly matter to organizations.
- What vulnerabilities should I worry about?
- Why are exploit kits important?
- What (or who) is being attacked most?
- What types of incidents are organizations getting the most help with?
- What Distributed Denial of Service attacks are...