Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Cisco 2015 Annual Security Report

New Threat Intelligence and Trend Analysis – “Despite advances by the security industry, criminals continue to evolve their approaches to break through security defenses. Attackers are realizing that bigger and bolder is not always better. The Cisco 2015 Annual Security Report reveals shifts in attack techniques, emerging vulnerabilities, and the state of enterprise security preparedness.
Key Discoveries
►Attackers have become more profi‰cient at taking advantage of gaps in security to hide and conceal malicious activity.
►In 2014, 1 percent of high-urgency common vulnerabilities and exposure (CVE) alerts were actively exploited. This means organizations must prioritize and patch that 1 percent of all vulnerabilities quickly. But even with leading security technology, excellence in process is required to address vulnerabilities.
►Since the Blackhole exploit kit was sidelined in 2013, no other exploit kit has been able to achieve similar heights of success. However, the top spot may not be as coveted by exploit kit authors as it once was.
►Java exploits have decreased by 34 percent, as Java security improves and adversaries move to embrace new attack vectors.
►Flash malware can now interact with JavaScript to help conceal malicious activity, making it much harder to detect and analyze.
► Spam volume increased 250 percent from January 2014 to November 2014.  Snowshoe spam, which involves sending low volumes of spam from a large set of IP addresses to avoid detection, is an emerging threat.”

Sorry, comments are closed for this post.