The only good news in last week's report from security vendor Symantec Corp. is that the rate at which Internet vulnerabilities were being found leveled off at seven per day in the last six months of 2003. The bad news is that now those flaws are being exploited much more quickly.
A concern of security pros is the time from when a vulnerability is disclosed publicly--often by software makers, who publish patches at the same time--and when writers of worms or viruses write malicious code to exploit it. "We looked at the life cycle from vulnerability to attack, and we could see that the speed is consistently getting faster and faster," says Vincent Weafer, senior director of Symantec Security Response. Weafer compares the three weeks it took for the Blaster worm to emerge last August to the three days that elapsed between the recent leak of Microsoft source code and an attack based on that code. The compressed time leaves businesses increasingly vulnerable, since days or months can pass before typical companies deploy patches.
Compounding the problem is the fact that blended threats, such as viruses that install backdoors for hackers after successful infections, are on the rise. They tend to be more sophisticated and damaging. Blended threats make up more than half of the top 10 malicious-code submissions Symantec received in the latter half of 2003. Of the top 50 submissions, backdoor-capable code increased 123%.
[Interop ITX 2017] State Of DevOps ReportThe DevOps movement brings application development and infrastructure operations together to increase efficiency and deploy applications more quickly. But embracing DevOps means making significant cultural, organizational, and technological changes. This research report will examine how and why IT organizations are adopting DevOps methodologies, the effects on their staff and processes, and the tools they are utilizing for the best results.
2017 State of IT ReportIn today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.