Three more security vulnerabilities have been disclosed for the month of April, in a report by Symantec. Symantec’s Security Update covers developments in vulnerabilities, attacks, malicious code, and spam in the Asia-Pacific (APAC) region during this April. The notable vulnerabilities of the month include one in the Oracle Database Export Component, one in Mozilla Firefox, and one in Microsoft Internet Explorer.
According to the report, during the period, the top attack detected originating from computers based in the APAC region was the Generic Extra SYN in TCP Connection Event. Detection of this attack indicates that attackers may be attempting to manipulate the TCP/IP connection that underlies most of the other Internet protocols. The second most widespread attack detected in the was the Generic SMTP "FROM:" The third most popular attack was the Generic SMTP Invalid Command Before HELO Event, which was used by five percent of all attackers.
The Security Update revealed that the Lineage Trojan was the most frequently reported malicious code sample in the APAC region during April, followed by the Mytob.EA worm and the Blackmal.E worm.
Spam By Type
Symantec’s report found that during April, the most common spam detected worldwide was related to commercial products (merchandise not included in other categories, that is) such as printer supplies, jewelry, and other consumer goods, which accounted for 22% of all spam. The second most common spam was related to financial products and services (this includes offers for loans, mortgages, and stock tips), which accounted for 20% of worldwide spam. Spam related to health products or services accounted for 13% of the global volume.
Fig. 1: Worldwide Spam by Type, April 2006 (Source Symantec Corp.)
The top three spam categories detected in the APAC region in April 2006 (Figure 2) varied slightly from the top categories worldwide. Spam related to commercial products accounted for 23% of the spam in the region. Spam related to financial products made up 21% and while that related to Internet products or services accounted for 13%.
Fig. 2: APAC Spam By Type, April 2006 (Source Symantec Corp.)
Spam – Region of Origin
North America continues to be the most prominent region of origin for spam detected by the Symantec Probe Network (figure 3). Symantec believes that this is likely due to the widespread access to cheaper broadband connectivity in this region, although Asia and Europe also have high rates of broadband connectivity.
As more spam is likely to be sent from hijacked desktop computers, Symantec expects to continue to see large amounts of spam coming from those regions with high bandwidth capabilities.
Fig. 3: Region of Spam Origin, April 2006 (Source Symantec Corp.)
To conclude, here are a few tips to protect against security threats:
- Users should employ defense indepth, including the deployment of antivirus software and a personal firewall
- Users should update antivirus definitions regularly
- Users should ensure that all desktop, laptop, and server computers are updated with all necessary security
- Users should never view, open, or execute any email attachment unless it is expected and comes from trusted source
|
