A combination of old and new threats shaped the cybersecurity landscape in Q1 2015, according to Trend Micro's Period Roundup. The study, called “Bad Ads and Zero-days: Reemerging Threats Challenge Supply Chain Trust and Best Practices,” highlights malvertising, the exploitation of zero-day vulnerabilities, old macromalware and the FREAK vulnerability – which has been around for more of a decade. The report reinforces how complacency can present greater cybersecurity risks in an era where the existence of the margin of error has been significantly diminished.
According to Trend Micro, the BEDEP zero-day vulnerability, distributed through malvertising, had a significant growth from the last quarter of 2014 to the first quarter of 2015. At the end of last year, only seven infections were recorded. Earlier this year, there were more than 7,000. The vulnerability allows the attacker to include the infected device in botnet operations, in addition to enabling fraud and malware download.
"Although we are at the beginning of the year, it is clear that 2015 is shaping up to be remarkable in terms of volume, ingenuity and sophistication of attacks. The increase in attacks through malvertisements shows that technology users are being assaulted by all Businesses and individuals alike need to be equally proactive in protecting against threats, adopting an aggressive security posture to keep financial, personal and intellectual property secure," said Raimund Genes, CTO at Trend Micro.
Adware also topped the list of mobile threats, with Trend Micro now documenting over five million Android threats. More than 2,000 apps of the genre were found on Google Play and it is estimated that they infected millions of devices before being removed from the store.
Trend Micro researchers also discovered zero-day exploits that targeted software that uses Adobe and no longer require the victim to visit or interact with malicious websites to become infected.
The full study is available at: http://www.trendmicro.com/vinfo/us/security/roundup/.
EN 
PT 
