In a month where safety and security reports continue to release, one new survey shows 58 percent of the vulnerabilities targeted by the most popular exploit kits in Q4 were more than two years old and 70 percent of exploit kits reviewed ended up released or developed in Russia.
In reviewing 26 commonly used exploit kits, security provider Solutionary SERT’s Q4 2012 Quarterly Research Report identified exploit code dating as far back as 2004, showing old vulnerabilities continue to pay off for the bad guys.
The idea 58 percent of the vulnerabilities exploited are over two years old supports SERT findings the number of newly discovered and disclosed vulnerabilities declined since 2010.
The report also revealed BlackHole 2.0 was the most often-used exploit kit; that Phoenix 3.1 supports the most vulnerabilities, approximately 9 percent; and a large number of exploit kits end up developed and distributed in Eastern Europe, with 70 percent coming from Russia, followed by China and Brazil.
While DDoS attacks surprisingly decreased during Q4, SERT found Web application and malware security incidences increased 8 percent. This signals that cyber criminals seem to be shifting from attacking retail sites to directly targeting consumers with social-engineering attacks, using subjects such as Hurricane Sandy to grab attention.
“The fact that cyber criminals are able to penetrate network defenses by targeting aging vulnerabilities and using old techniques demonstrates that many organizations are still playing catch-up when it comes to cyber security,” said Rob Kraus, SERT director of research. “Tight budgets, inability to convince stakeholders at all levels that security should be a priority, and a shortage of research resources could be among the reasons why many security and risk teams are continuing to operate in reactive mode.”