Exploitations and malware report from Fortiguard Center - December 2008 edition

Top 10 Exploitations

Top 10 exploitation attempts detected for this period, ranked by vulnerability traffic. Percentage indicates the portion of activity the vulnerability accounted for out of all attacks reported in this edition. Severity indicates the general risk factor involved with the exploitation of the vulnerability, rated from low to critical. Critical issues are outlined in bold:
Rank | Vulnerability | Percentage | Severity
1 | Trojan.Storm.Worm.Krackin.Detection | 59.5 | High
2 | MS.IIS.Web.Application.SourceCode.Disclosure | 2.5 | Medium
3 | Danmec.Asprox.SQL.Injection | 2.0 | High
4 | TCP.PORT0 | 1.8 | Low
5 | SSLv3.SessionID.Overflow | 1.6 | High
6 | MS.Exchange.Mail.Calender.Buffer.Overflow | 0.8 | High
7 | MS.Network.Share.Provider.Unchecked.Buffer.DoS | 0.8 | High
8 | MS.IE.HTML.Attribute.Buffer.Overflow | 0.8 | High
9 | MS.SQL.Server.Insert.Statements.Privilege.Elevation | 0.7 | High
10 | MS.SMB.DCERPC.SRVSVC.PathCanonicalize.Overflow | 0.6 | High

Malware Today

Top 10 Variants

Top 10 malware activity by individual variant. Percentage indicates the portion of activity the malware variant accounted for out of all malware threats reported in this edition. Top 100 shifts indicate positional changes compared to last edition's Top 100 ranking, with "new" highlighting the malware's debut in the Top 100. Figure 2 below shows the detected volume for the malware variants listed within the Top 5:
Rank | Malware Variant | Percentage | Top 100 Shift
1 | W32/Zbot.GXN!tr.spy | 7.1 | new
2 | W32/Netsky!similar | 6.6 | +5
3 | Spy/OnLineGames | 6.0 | +75
4 | HTML/Iframe_CID!exploit | 5.9 | +4
5 | HTML/Iframe.DN!tr.dldr | 5.8 | +5
6 | W32/Virut.A | 5.2 | +3
7 | W32/Small.AACQ!tr.dldr | 3.7 | +12
8 | W32/Basine.C!tr.dldr | 3.4 | +3
9 | W32/AutoRun.SEH!worm | 2.4 | new
10 | W32/MyTob.BH.fam@mm | 2.2 | +4


Source: http://www.fortiguardcenter.com