19th January 2014
Cisco 2014 Annual Security Report: Java continues to be most vulnerable of all web exploits
Cisco provides a report on computer security which contains a number of key findings:
- Java comprises 91% of all web exploits.
- 99% of mobile malware targets Android.
- Java is the exploit that criminals choose first, since it delivers the best return on investment.
- In the aftermath of the Boston Marathon bombing two large-scale spam campaigns commenced. Both campaigns carried subject lines about news bulletins. The links directed recipients to malicious iframes designed to infect visitor's computers.
- Global spam volume is dropping.
- Many users download mobile apps regularly without any thought of security.
- 64% of all malware categories are trojans.
- Most malware come from online-games.
- A steady decline in unique malware hosts and IP addresses suggests that malware is being concentrated in fewer hosts and fewer IP addresses.
- Brute-force login attempts increased threefold.
- Many CMS compromises can be traced back to plugins written in PHP that were designed poorly and without security in mind.
- The rise in cloud computing is undeniable and unstoppable. Cisco has projected that cloud network traffic will grow more than threefold by 2017.
- The reality is that it's no longer a matter of if attackers get in, but when.
Cisco used the following data
- 16 billion web pages
- 93 billion e-mails
- 200.000 IP addresses
- 33 million endpoint files
I first read on this in eWeek.
Java security was in the press repeatedly in 2013, see for example
- Alert (TA13-064A) Oracle Java Contains Multiple Vulnerabilities, an attacker could execute arbitrary code on a vulnerable system with the privileges of the Java plug-in process
- Kritische Schwachstelle in aktueller Java-Laufzeitumgebung, BSI empfiehlt Internetnutzern Deaktivierung von Java (in German)
- Objet : Vulnérabilités dans Oracle Java, Ces vulnérabilités sont activement exploitées et largement diffusées (in French)