[WEB SECURITY] Totals of web security's evolution in 2008

Luis Matus matus.investiga at gmail.com
Tue Jan 13 19:14:12 EST 2009


Do you have an english version of these links??

2009/1/13 MustLive <mustlive at websecurity.com.ua>

> Hello participants of Mailing List.
>
> For last time there were a lot of security predictions for new 2009 year
> (I'll do my own soon ;-)), but there was no security totals of last year,
> especially in web security field. At the least I didn't see such news.
>
> So here is my totals of web security's evolution in 2008
> (http://websecurity.com.ua/2788/). I made such totals last year and made
> it
> this time.
>
> 1. Though in 2007 there were more security projects, but nevertheless in
> 2008 I made some interesting projects: Day of bugs in Google Chrome
> (http://websecurity.com.ua/2406/), Day of bugs in browsers
> (http://websecurity.com.ua/2453/), Day of bugs in browsers 2
> (http://websecurity.com.ua/2573/).
>
> 2. New phase of browsers wars has begun with release of Google Chrome,
> which
> showed together with his innovations, also multiple vulnerabilities.
>
> 3. XSS vulnerabilities spread yet more and again became most widespread
> vulnerabilities in web applications.
>
> 4. There was an increase of hackers' activity. Particularly in Uanet an
> increase of hackers' activity (http://websecurity.com.ua/2320/) at 200% in
> first half year of 2008 in comparison with similar period of 2007 (and as
> my additional data shows, which I'll publish soon, this index is more
> large).
>
> 5. Fishing became more widespread and new technique of fishing attacks has
> appeared with using of Flash (http://websecurity.com.ua/2450/).
>
> 6. Attacks with using of Insufficient Anti-automation vulnerabilities
> spread. Particularly attacks at captcha of popular webmail systems.
>
> 7. There was an increase of attacks on social networks.
>
> 8. New web worms were appeared, particularly Facebook Worm.
>
> 9. There was an increase of numbers of web pages infected by viruses.
> Including in Uanet, where I often discovered infected web sites.
>
> Best wishes & regards,
> MustLive
> Administrator of Websecurity web site
> http://websecurity.com.ua
>
>
> ----------------------------------------------------------------------------
> Join us on IRC: irc.freenode.net #webappsec
>
> Have a question? Search The Web Security Mailing List Archives:
> http://www.webappsec.org/lists/websecurity/archive/
>
> Subscribe via RSS: http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
>
> Join WASC on LinkedIn
> http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20090113/7226aa0c/attachment.html>


More information about the websecurity mailing list