http://www.theregister.co.uk/2008/07/29/x_force_threat_report/



By John Leyden

The Register

29th July 2008



Cybercrooks are becoming faster at utilising newly-discovered browser 

exploits. More than nine in ten of all browser-related exploits occurred 

within 24 hours of an official vulnerability disclosure, according to a 

survey by IBM's X-Force security division.



The cyber-threat survey, which looked closely at information security 

events that happened during the first half of 2008, also revealed that 

attacks targeting flaws in browser plug-ins are increasing in 

prevalence. In the first half of 2008, around 78 percent of web browser 

exploits targeted browser plug-in bugs.



X-Force operations manager Kris Lamb said that the "acceleration and 

proliferation" of bugs were key themes for the first half of 2008.



The IBM division reckons the increasing use of automated tools allows 

hackers to become faster off the mark in exploiting vulnerabilities. It 

criticised the practice of releasing "exploit code along with a security 

advisory" as playing into the hands of hackers. According to the study, 

vulnerabilities disclosed by researchers are twice as likely to have 

zero-day exploit code published.



[...]





_______________________________________________      

Attend Black Hat USA, August 2-7 in Las Vegas, 

the world's premier technical event for ICT security experts.

Featuring 40 hands-on training courses and 80 Briefings 

presentations with lots of new content and new tools.

Network with 4,000 delegates from 50 nations.  

Visit product displays by 30 top sponsors in 

a relaxed setting. http://www.blackhat.com



Received on Tue Jul 29 2008 - 22:17:41 PDT