‫ Microsoft Security Intelligence Report (2nd section)

Number: IRCRE201411183
Date: 2014-11-30
Volume 17 of the Microsoft Security Intelligence Report (SIRv17) provides in-depth perspectives on software vulnerabilities, software vulnerability exploits, malicious and potentially unwanted software, and security breaches. Microsoft developed these perspectives based on detailed trend analysis over the past several years, with a focus on first and second quarters of 2014.You can see the second section of the report in the following post.
Malware and Potentially Unwanted Software
The information in this section was compiled from telemetry data that was generated from more than 1 billion computers worldwide and some of the busiest services on the Internet.
Malware prevalence worldwide
The following table shows the locations with the most computers reporting malware detections in 1H14.
Encounter and infection rates generally declined in 2Q14 because of significant declines for the trojan families Win32/Wysotot and Win32/Sefnit.
The worm family VBS/Jenxcus was particularly prevalent in Latin America, India, and the Middle East. It was the most commonly detected family in Brazil and Mexico in 2Q14 and the second most common family in India, but ranked only 54th in Germany and 57th in the United States.
Threat categories
The following figure shows encounter rates for significant threat categories, July 2013–June 2014.
Totals for each time period may exceed 100 percent because some computers report more than one category of threat in each time period.
Encounters with most categories of malware decreased or were mostly stable between 1Q14 and 2Q14. Exploits was the only category to show a significant increase, led by JS/Axpergle (a detection for the Angler exploit kit) and JS/Neclu (a detection for the Nuclear exploit kit).
The Trojans category, the most commonly encountered category in 1H14, decreased in both the first and second quarters of the year, aided by a 61 percent decline in detections of Win32/Wysotot between 4Q13 and 2Q14.
Encounters involving Adware dropped by nearly a third as several significant adware families retreated from peak levels in 1Q14 or 4Q13, due in part to refined detection criteria.
The Backdoors, Password Stealers & Monitoring Tools, Browser Modifiers, Ransomware, and Other Malware categories all remained stable at around 0 to 1 percent each quarter and are not shown in this figure.
Threat families
The following figure lists the top 10 malware families that were detected on computers by Microsoft real-time antimalware products worldwide in 1H14, with other quarters included for comparison.
Malware encounter rates for domain-based and non-domain computers, 3Q13–2Q14, by category.
Email Threats
Spam Messages Blocked
The information in this section of the Microsoft Security Intelligence Report is compiled from telemetry data provided by Microsoft Forefront® Online Protection for Exchange (FOPE), which provides spam, phishing, and malware filtering services for thousands of Microsoft enterprise customers that process tens of billions of messages each month.
The following figure shows messages blocked by Exchange Online Protection in July 2013–June 2014, by month.
Blocked mail volumes in 1H14 were consistent with 2H13, and remain well below levels seen prior to the end of 2010. The dramatic decline in spam observed since 2010 has occurred in the wake of successful takedowns of a number of large spam-sending botnets, notably Cutwail (August 2010) and Rustock (March 2011). In 1H14, Exchange Online Protection determined that about one in three email messages did not require blocking or filtering, compared to just one in 33 messages in 2010.
Related Link:


بدون نظر
شما برای نظر دادن باید وارد شوید


تاریخ ایجاد: 10 آذر 1393



امتیاز شما
تعداد امتیازها:0