HP released their annual report for 2016, which covers a broad range of information (96 pages) across various sectors and industries. The report is divided into 7 themes; the ones that appear the most interesting to me are Theme #5: The industry didn't learn anything about patching in 2015, and Theme #7: The monetization of malware.

Theme #5

According to this report, the bug that was the most exploited in 2014 was still the most exploited last year, even though it is now over five years old. CVE-2010-2568, where a [...] local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which is not properly handled during icon display in Windows Explorer, as demonstrated in the wild in July 2010 [...] [2], is still the top vulnerability for 2015 (29% in 2015 vs. 33% in 2014). See the pie chart on page 32 showing the Top 10 CVEs for 2015, where the oldest CVE is from 2009. The Top 3 targeted applications and platforms were Windows, Android and Java, which isn't a huge surprise.

Theme #7

This doesn't sound really new and is not that surprising: in 2015, malware needed to produce revenue. HP noted a significant increase in malware targeting ATMs, banking Trojans and ransomware targeting every operating system, in particular smartphones. Some of the well-known ransomware families include Cryptolocker and Cryptowall, where the malware author requests a ransom to decrypt password-encrypted files but, once paid, often fails to provide the key. Obviously, the best protection is to regularly back up your files (and, more importantly, test the backup as well) in case you ever get caught by this.

[1] http://techbeacon.com/resources/2016-cyber-risk-report-hpe-security
[2] https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2568

Guy Bruneau IPSS Inc.
Twitter: GuyBruneau
gbruneau at isc dot sans dot edu

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.