Information Security News mailing list archives
Re: Symantec: Boom Times For Hackers
From: InfoSec News <isn () c4i org>
Date: Thu, 18 Mar 2004 02:29:53 -0600 (CST)
Forwarded from: Mark Bernard <mbernard () nbnet nb ca> Dear Associates, Am I not sure if I am the only one here that is concerned about this fact or not, so here it goes. Isn't it at cross purposes perhaps even a ethical question, that a report like this was created by a company that sells the stuff to prevent all this bad stuff from happening to you? Why has no one ever suggested this before? It seems like a logical conclusion. For me independent sources, even if only in appearances, would help to validate this information adding credibility and trust. It appears that each and every group from Symantec to PWC, E & Y and CSI/FBI has a different story to tell and its difficult to tell which one is correct because none of them support each other. Regards, Mark. ----- Original Message ----- From: "InfoSec News" <isn () c4i org> To: <isn () attrition org> Sent: Tuesday, March 16, 2004 3:44 AM Subject: [ISN] Symantec: Boom Times For Hackers
http://www.informationweek.com/story/showArticle.jhtml?articleID=18400171 By Gregg Keizer TechWeb News March 15, 2004 Symantec Corp.'s twice-annual Internet Security Threat Report paints a menacing picture, one that security professionals know all too well. A report released Monday by the security vendor using data from customers as well as from its DeepSight Threat analysis system says attackers are having an easier time than ever exploiting vulnerabilities. They're also increasingly using back doors to gain access to compromised systems, and are trying to turn a quick buck with stolen confidential information. During 2003, according to Symantec's data, the number of easily-exploited vulnerabilities climbed about 10% from the year before, marking the first time that vulnerabilities so classified broke the two-thirds mark. In 2003, fully 70% of all security vulnerabilities were simple for attackers to manage. The reasons are twofold, said Brian Dunphy, director of Symantec's managed securities services group. More vulnerabilities, such as those affecting Web services, take very little exploit expertise. Also, more hackers are relying on already-published exploit code and easily available tools to craft new attacks. Other security analysts have harped on the same subject, and the proof in the trend has been as recent as 2004's wave of worms, due in part to the release of source code to such malware as MyDoom and Netsky into the underground.
[...] - ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.
Current thread:
- Symantec: Boom Times For Hackers InfoSec News (Mar 16)
- <Possible follow-ups>
- Re: Symantec: Boom Times For Hackers InfoSec News (Mar 17)
- Re: Symantec: Boom Times For Hackers InfoSec News (Mar 18)