
Wednesday, March 6, 2019

Developments in Hacking, Cybercrime, and Malware Essay

The number one web-based attack of 2009 was malicious PDF activity, which made up 49% of web-based attacks: attempts to deliver malicious PDF content to victims through the web. The PDF attack is designed to exploit arbitrary vulnerabilities in applications that are able to process PDFs. A successful PDF attack could compromise the integrity and security of affected computers. (Symantec Corporation, 2009)

The number two web-based attack of 2009 was the Microsoft Internet Explorer ADODB.Stream Object File Installation Weakness. This exploit accounted for 18% of the total number of web-based exploits for the year. This exposure allows hackers to install malicious files on a vulnerable computer when a user visits a website hosting an exploit. In order for this attack to be successful, an attacker must exploit an arbitrary vulnerability that bypasses Internet Explorer security settings. Then the attacker can execute the malicious files that were installed by the initial security weakness. This vulnerability has been known since 2003, and patches have been released since 2004. This exploit exposes the fact that many computer systems were not being kept up to date. (Symantec Corporation, 2009)

The number three most common web-based exploit of 2009 was the Microsoft Internet Explorer 7 Uninitialized Memory Code Execution Vulnerability. This attack works by enticing a victim to open a malicious web page. Once a user opens the web page, it gives the attacker the ability to execute remote code on the victim's computer. Since this is a browser-based attack, it gives the hacker potentially more targets than relying on a plugin that may not get installed. (Symantec Corporation, 2009)

The top 3 malware attacks of 2013 were W32.Downadup, W32.Sality, and W32.Ramnit. Although their names all begin with W32., each bug has its own way of exploiting a system. Let's take for example W32.Downadup. This worm has been around since 2008. It spreads by taking advantage of a remote code execution vulnerability found in the Microsoft Windows Server service RPC. This worm strives to block access to security-related web sites while attempting to spread to protected network shares via brute force of weak passwords. The security of the entire network is at stake with this worm. This virus demonstrates how important it is to keep servers and workstations updated with the latest virus definitions. (W32.Downadup.B, n.d.)

W32.Ramnit has been around since 2010. This worm is spread by infecting executable files and removable drives. This malware steals bank usernames and passwords. Having a security policy prohibiting personal drives from being used in the workplace is paramount. This type of attack could cause data loss if unmitigated. (Symantec Corporation, 2013)

W32.Sality is in my opinion the nastiest of all three bugs. What makes W32.Sality particularly nasty is that it can infect executable files on local, removable, and shared drives. W32.Sality is known as an entry point obscuring (EPO) polymorphic file infector. Essentially, it's a sophisticated worm-like virus that ensures its survival by downloading other malware and altering security software. One of the most damaging features of the W32.Sality virus is how it uses decentralized peer-to-peer networking, with sophisticated code instructions, to populate the network with infected computers. (W32.Sality, n.d.)

References

W32.Downadup.B. (n.d.). Retrieved June 26, 2014, from http://www.symantec.com/security_response/writeup.jsp?docid=2008-123015-3826-99

W32.Ramnit. (n.d.). Retrieved June 26, 2014, from http://www.symantec.com/security_response/writeup.jsp?docid=2010-011922-2056-99

W32.Sality. (n.d.). Retrieved June 26, 2014, from http://www.symantec.com/security_response/writeup.jsp?docid=2006-011714-3948-99

Symantec Corporation. (2009). Symantec Global Internet Security Threat Report: Trends for 2009. Mountain View: Symantec Corporation.

Symantec Corporation. (2013). Symantec Global Internet Security Threat Report: Trends for 2009. Mountain View: Symantec Corporation.
