Symantec Global Internet Security Threat Report (ISRT) pointed out that the first half of this year, the threat is still the Web's largest network of threat, and the increase in modular attack tools, Web attacks also makes it easier to imitate and be.
Twelfth Symantec Global Internet Security Threat Report noted that the vulnerabilities exposed by the current, 61% of Web applications for vulnerabilities.Symantec Chief Technology Officer of Taiwan, said Wang Yuezhong, from the puppet program (Bot) reduction in the number, proof of the traditional large-scale network viruses and DoS (denial of service) attack, has been effective as usual.He further pointed out that these have a web application vulnerabilities web site most of the community, through the user's trust and take the initiative to visit, but also make the network a trusted form of attack towards the attack site.Since become the active network attacks, network attacks common during the first half of this year is a staged attack tactics (Staged Attack), and phishing tools.MPack is a hybrid malware, spam, and Web browser vulnerabilities tool.Wang Yuezhong pointed out that "such a tool can be purchased black-market price of 1,000 dollars." Another common malicious software tool in the first half through a set of scripts, so that hackers can automate the establishment of a deceptive phishing sites, and can producewith the corresponding phishing spam.He said, "phishing sites discovered during the first half, 42% from 3 groups phishing tool for a particular group," This also means that hackers have used a modular tool, quickly create phishing sites.