[WEB SECURITY] Totals of web security's evolution in 2008

MustLive mustlive at websecurity.com.ua
Wed Jan 14 16:25:18 EST 2009


As I tell people in such cases, after Google added support of Ukrainian
into their service, use Google Translate to read my site on English:

In this case I wrote on English (for mailing list) my totals of web
security's evolution in 2008. All pages mentioned in the text are on
Ukrainian (so Google Translate can help you).

> Do you have an english version of these links??
> 2009/1/13 MustLive <mustlive at websecurity.com.ua>>
>> Hello participants of Mailing List.
>> For last time there were a lot of security predictions for new 2009 year
>> (I'll do my own soon ;-)), but there was no security totals of last year,
>> especially in web security field. At the least I didn't see such news.
>> So here is my totals of web security's evolution in 2008
>> (http://websecurity.com.ua/2788/). I made such totals last year and made
>> it
>> this time.
>> 1. Though in 2007 there were more security projects, but nevertheless in
>> 2008 I made some interesting projects: Day of bugs in Google Chrome
>> (http://websecurity.com.ua/2406/), Day of bugs in browsers
>> (http://websecurity.com.ua/2453/), Day of bugs in browsers 2
>> (http://websecurity.com.ua/2573/).
>> 2. New phase of browsers wars has begun with release of Google Chrome,
>> which
>> showed together with his innovations, also multiple vulnerabilities.
>> 3. XSS vulnerabilities spread yet more and again became most widespread
>> vulnerabilities in web applications.
>> 4. There was an increase of hackers' activity. Particularly in Uanet an
>> increase of hackers' activity (http://websecurity.com.ua/2320/) at 200%
>> in
>> first half year of 2008 in comparison with similar period of 2007 (and as
>> my additional data shows, which I'll publish soon, this index is more
>> large).
>> 5. Fishing became more widespread and new technique of fishing attacks
>> has
>> appeared with using of Flash (http://websecurity.com.ua/2450/).
>> 6. Attacks with using of Insufficient Anti-automation vulnerabilities
>> spread. Particularly attacks at captcha of popular webmail systems.
>> 7. There was an increase of attacks on social networks.
>> 8. New web worms were appeared, particularly Facebook Worm.
>> 9. There was an increase of numbers of web pages infected by viruses.
>> Including in Uanet, where I often discovered infected web sites.
>> Best wishes & regards,
>> MustLive
>> Administrator of Websecurity web site
>> http://websecurity.com.ua 

Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn

More information about the websecurity mailing list