Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Annual security reports predict what we can expect in 2015

Scott Hogg | Feb. 16, 2015
Recent security reports give insight into security best practices often missed.

In August 2014, Cisco published their Midyear Security Report 2014 which covered security intelligence from the first half of 2014.  This report noted that the Internet of Things (IoT) may represent a growing attack target in the coming years as more IP-enabled embedded devices connect to networks.  This report covered Cisco's "Inside Out" project where they looked at outgoing DNS queries were destined for Dynamic DNS (DDNS) systems.  Cisco's recommendation is for organizations to use a system like Infoblox's DNS Firewall to restrict DNS queries destined to malicious systems.  This midyear report also confirmed the increase in Java exploits and recommends organizations update to more secure updated Java 8 versions.  The report covered the recent NTP packet amplification attacks and showed how attackers can change their tactics rapidly based on effectiveness of the attacks.

Cisco just today released their 2015 Annual Security Report.  This year's report covered events occurring in 2014.  This ASR noted that there is an ever-widening gap between the capabilities of defenders and attackers.  This report also noted the decline in Java exploits.  The report also found that many organizations are over-confident about their security posture because there are still many of these same companies who are experiencing breaches.  There was also a large percentage of unpatched OpenSSL servers operating showing that many organizations are not patching frequently enough.

Microsoft Security Intelligence Report (SIR)
Microsoft publishes their annual Security Intelligence Report (SIR) that provides information on current threats based on their host operating systems, popular enterprise and consumer applications and cloud-based service perspective on security.  Microsoft has been publishing these reports every 6 months since 2006 and they have been the go-to source for information on current security threats.  The Microsoft Security Intelligence Report (SIR) Volume 16 covered issues occurring from July 2013 to December 2013.  The latest Microsoft Security Intelligence Report, Volume 17, published in November 2014, covers issues from the first half of this year: January through June 2014.

The SIRv17, weighting in at a hefty 166 pages, provides a comprehensive look at the current vulnerability, exploit, and malware trends.  The report mentioned how weak login credentials leads to compromise far too often and how two-factor authentication systems and encrypting the passwords on the servers can prevent many of these types of attacks.  The report covered results of gathering data from the Malicious Software Removal Tool(MSRT) and showed that many infected computers were not running adequate up-to-date real-time security AV software.  The report showed how applications were more vulnerable than operating systems and browser vulnerability disclosures increased significantly.  The SIRv17 showed a drop in Java exploit attempts and a rise in JavaScript and HTML exploit kits.  The majority of malware is now hosted on servers in data centers and the majority of those malware servers are located within the United States.

 

Previous Page  1  2  3  4  5  6  7  Next Page 

Sign up for CIO Asia eNewsletters.