Saturday, January 24, 2009

End-of-year Security Reports - 2008

Updated:
Here is my TOP 10 list of security reports

Cisco 2008 Annual security report:
Vulnerabilities increased by 11.5% than last year, 90% increase in the threats from legitimate domains,.
http://cisco.com/en/US/prod/vpndevc/annual_security_report.html

Finjan:
Expected sharp rise in cybercrime in 2009 due to the current economic downturn
http://www.finjan.com/GetObject.aspx?objid=641

Anti-Phishing Working Group:
Password stealing malicious code URLs are on the rise
http://www.antiphishing.org/reports/apwg_report_Q2_2008.pdf

Cenzic Q2 2008 report:
http://www.cenzic.com/news_events/Cenzic_AppSecTrends_Q2-08.php

Symantec Underground Economy Report:

F-Secure Threat Summary for H2, 2008:

Trend Micro, Most Abused Infection Vector:

MessageLabs:

Arbor:

Sophos:
http://www.sophos.com/securityreport2009

Updated:
I have added more reports to my top 10 list:

Whitehat Security:

http://www.whitehatsec.com/home/resource/stats.html


Enisa (European Network and Information Security Agency):
http://www.enisa.europa.eu/doc/pdf/deliverables/enisa_pp_web2.pdf

Panda Security:
http://pandalabs.pandasecurity.com/blogs/images/PandaLabs/2008/12/31/Annual_Report_Pandalabs_2008_ENG.pdf

WebSense:
-77% of web sites hosting malicious content are legitimate sites
- 70% of the top 100 sites hosted or redirect to a malicious content
- 57% of data stealing attacks are conducted over the web
http://www.websense.com/site/Docs/whitepapers/en/WSL_ReportQ3Q4FNL.PDF?CMP=NR012109A

CSI:

Aladdin:

IBM X-Force:

No comments: