[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [WEB SECURITY] Totals of web security's evolution in 2008

From: "Luis Matus" <matus.investiga@xxxxxxxxx>
Subject: Re: [WEB SECURITY] Totals of web security's evolution in 2008
Date: Tue, 13 Jan 2009 18:14:12 -0600

------=_Part_193567_21366799.1231892052512
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Do you have an english version of these links??

2009/1/13 MustLive <mustlive@websecurity.com.ua>

> Hello participants of Mailing List.
>
> For last time there were a lot of security predictions for new 2009 year
> (I'll do my own soon ;-)), but there was no security totals of last year,
> especially in web security field. At the least I didn't see such news.
>
> So here is my totals of web security's evolution in 2008
> (http://websecurity.com.ua/2788/). I made such totals last year and made
> it
> this time.
>
> 1. Though in 2007 there were more security projects, but nevertheless in
> 2008 I made some interesting projects: Day of bugs in Google Chrome
> (http://websecurity.com.ua/2406/), Day of bugs in browsers
> (http://websecurity.com.ua/2453/), Day of bugs in browsers 2
> (http://websecurity.com.ua/2573/).
>
> 2. New phase of browsers wars has begun with release of Google Chrome,
> which
> showed together with his innovations, also multiple vulnerabilities.
>
> 3. XSS vulnerabilities spread yet more and again became most widespread
> vulnerabilities in web applications.
>
> 4. There was an increase of hackers' activity. Particularly in Uanet an
> increase of hackers' activity (http://websecurity.com.ua/2320/) at 200% in
> first half year of 2008 in comparison with similar period of 2007 (and as
> my additional data shows, which I'll publish soon, this index is more
> large).
>
> 5. Fishing became more widespread and new technique of fishing attacks has
> appeared with using of Flash (http://websecurity.com.ua/2450/).
>
> 6. Attacks with using of Insufficient Anti-automation vulnerabilities
> spread. Particularly attacks at captcha of popular webmail systems.
>
> 7. There was an increase of attacks on social networks.
>
> 8. New web worms were appeared, particularly Facebook Worm.
>
> 9. There was an increase of numbers of web pages infected by viruses.
> Including in Uanet, where I often discovered infected web sites.
>
> Best wishes & regards,
> MustLive
> Administrator of Websecurity web site
> http://websecurity.com.ua
>
>
> ----------------------------------------------------------------------------
> Join us on IRC: irc.freenode.net #webappsec
>
> Have a question? Search The Web Security Mailing List Archives:
> http://www.webappsec.org/lists/websecurity/archive/
>
> Subscribe via RSS: http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
>
> Join WASC on LinkedIn
> http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>
>

------=_Part_193567_21366799.1231892052512
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Do you have an english version of these links??<br><br><div class="gmail_quote">2009/1/13 MustLive <span dir="ltr">&lt;<a href="mailto:mustlive@websecurity.com.ua";>mustlive@websecurity.com.ua</a>&gt;</span><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Hello participants of Mailing List.<br>
<br>
For last time there were a lot of security predictions for new 2009 year<br>
(I&#39;ll do my own soon ;-)), but there was no security totals of last year,<br>
especially in web security field. At the least I didn&#39;t see such news.<br>
<br>
So here is my totals of web security&#39;s evolution in 2008<br>
(<a href="http://websecurity.com.ua/2788/"; target="_blank">http://websecurity.com.ua/2788/</a>). I made such totals last year and made it<br>
this time.<br>
<br>
1. Though in 2007 there were more security projects, but nevertheless in<br>
2008 I made some interesting projects: Day of bugs in Google Chrome<br>
(<a href="http://websecurity.com.ua/2406/"; target="_blank">http://websecurity.com.ua/2406/</a>), Day of bugs in browsers<br>
(<a href="http://websecurity.com.ua/2453/"; target="_blank">http://websecurity.com.ua/2453/</a>), Day of bugs in browsers 2<br>
(<a href="http://websecurity.com.ua/2573/"; target="_blank">http://websecurity.com.ua/2573/</a>).<br>
<br>
2. New phase of browsers wars has begun with release of Google Chrome, which<br>
showed together with his innovations, also multiple vulnerabilities.<br>
<br>
3. XSS vulnerabilities spread yet more and again became most widespread<br>
vulnerabilities in web applications.<br>
<br>
4. There was an increase of hackers&#39; activity. Particularly in Uanet an<br>
increase of hackers&#39; activity (<a href="http://websecurity.com.ua/2320/"; target="_blank">http://websecurity.com.ua/2320/</a>) at 200% in<br>
first half year of 2008 in comparison with similar period of 2007 (and as<br>
my additional data shows, which I&#39;ll publish soon, this index is more<br>
large).<br>
<br>
5. Fishing became more widespread and new technique of fishing attacks has<br>
appeared with using of Flash (<a href="http://websecurity.com.ua/2450/"; target="_blank">http://websecurity.com.ua/2450/</a>).<br>
<br>
6. Attacks with using of Insufficient Anti-automation vulnerabilities spread. Particularly attacks at captcha of popular webmail systems.<br>
<br>
7. There was an increase of attacks on social networks.<br>
<br>
8. New web worms were appeared, particularly Facebook Worm.<br>
<br>
9. There was an increase of numbers of web pages infected by viruses.<br>
Including in Uanet, where I often discovered infected web sites.<br>
<br>
Best wishes &amp; regards,<br>
MustLive<br>
Administrator of Websecurity web site<br>
<a href="http://websecurity.com.ua"; target="_blank">http://websecurity.com.ua</a> <br>
<br>
----------------------------------------------------------------------------<br>
Join us on IRC: <a href="http://irc.freenode.net"; target="_blank">irc.freenode.net</a> #webappsec<br>
<br>
Have a question? Search The Web Security Mailing List Archives: <a href="http://www.webappsec.org/lists/websecurity/archive/"; target="_blank">http://www.webappsec.org/lists/websecurity/archive/</a><br>
<br>
Subscribe via RSS: <a href="http://www.webappsec.org/rss/websecurity.rss"; target="_blank">http://www.webappsec.org/rss/websecurity.rss</a> [RSS Feed]<br>
<br>
Join WASC on LinkedIn<br>
<a href="http://www.linkedin.com/e/gis/83336/4B20E4374DBA"; target="_blank">http://www.linkedin.com/e/gis/83336/4B20E4374DBA</a><br>
<br>
</blockquote></div><br>

------=_Part_193567_21366799.1231892052512--

Follow-Ups:
- Re: [WEB SECURITY] Totals of web security's evolution in 2008
  - From: li bo

References:
- [WEB SECURITY] Totals of web security's evolution in 2008
  - From: MustLive

Prev by Date: [WEB SECURITY] Totals of web security's evolution in 2008
Next by Date: [WEB SECURITY] XSS Impact
Previous by thread: [WEB SECURITY] Totals of web security's evolution in 2008
Next by thread: Re: [WEB SECURITY] Totals of web security's evolution in 2008
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site