Threatscape Report from Fortunet - April 2009 Edition

Top 10 exploitation attempts detected for this period, ranked by vulnerability traffic. Percentage indicates the portion of activity the vulnerability accounted for out of all attacks reported in this edition. Severity indicates the general risk factor involved with the exploitation of the vulnerability, rated from low to critical. Critical issues are outlined in bold:
Rank Vulnerability Percentage Severity
1 SSLv3.SessionID.Overflow 9.3 High
2 SMS.SQL.Server.Empty.Password 8.4 High
3 MS.DCERPC.NETAPI32.Buffer.Overflow 5.5 Critical
4 MS.SMB.DCERPC.SRVSVC.
PathCanonicalize.Overflow
4.6 High
5 MS.IE.HTML.Attribute.Buffer.Overflow 4.0 High
6 MS.Windows.NAT.Helper.DNS.Query.DoS 3.7 High
7 MS.Windows.ASN.1.Bitstring.Overflow 1.4 High
8 FTP.Bounce.Attack 1.2 High
9 LPD.Command.Buffer.Overflow 1.0 High
10 Oracle.sys.pbsde.init.Buffer.Overflow 0.9 Medium

Top 10 malware activity by individual variant. Percentage indicates the portion of activity the malware variant accounted for out of all malware threats reported in this edition. Top 100 shifts indicate positional changes compared to last edition's Top 100 ranking, with "new" highlighting the malware's debut in the Top 100.
Rank Malware Variant Percentage Top 100 Shift
1 W32/Virut.A 8.2 -
2 W32/Dropper.PTD!tr 6.2 new
3 W32/OnlineGames.MIG!tr.pws 5.7 new
4 Spy/OnLineGames 5.6 +1
5 W32/Agent.JNR!tr 4.8 new
6 HTML/Iframe.DN!tr.dldr 4.8 -3
7 W32/Netsky!similar 4.2 -5
8 HTML/Iframe_CID!exploit 3.8 -4
9 Adware/AdClicker 3.0 new
10 W32/MyTob.fam@mm 2.8 -3


Source: http://www.fortiguardcenter.com