639 Web browser vulnerabilities and 35 SCADA vulnerabilities found in Symantec Study

The Symantec Internet Security Threat Report of 2014, released recently, indicates that 6549 new vulnerabilities were reported in 2014, as compared to 6787 in 2013.


Out of these, there were 891 Web Browser vulnerabilities, which are a serious threat to ordinary Netizens.


As can be observed from the above table, the total number of vulnerabilities in the 5 major browsers declined from around 891 in 2012 to 591 in 2013 and again went up to 639 in 2014. Internet Explorer recorded the highest number of vulnerabilities at 282 while Opera appeared to be the most secure browser.

Browser plug-ins including Adobe Reader, Flash Player, Apple QuickTime and Microsoft ActiveX, as well as Firefox extensions and Java, constituted additional vulnerabilities.

The inference is that using the Opera web browser and avoiding plug-ins could reduce the risk of being exploited through these vulnerabilities.

The study has also tried to track what it calls ICS vulnerabilities. These represent the vulnerabilities in Industrial Control Systems, including SCADA (Supervisory Control and Data Acquisition) systems of the type attacked by the Stuxnet virus in the past.

ICSs are typically used in industries such as electrical, water, oil, and gas. Based on data received from remote stations, automated or operator-driven supervisory commands can be pushed to remote station control devices.

This is of special interest to non-IT manufacturing companies, who have a huge stake in terms of exploitation, particularly by Cyber terrorists. It is also of relevance to Secure Digital India, where stakes are being placed on Smart Cities.

Siemens products continue to find a place in the list of such vulnerabilities along with Advantech WebAccess and Schneider Electric products. A total of 35 such vulnerabilities have been disclosed in the report.

Industries using such products should pay special attention to these vulnerabilities and Cyber Insurers and CISOs also need to take special note of such vulnerabilities.



Adobe accounts for 65% of Zero Day Vulnerabilities

The Symantec Internet Threat Study indicates that in 2014, there were 24 Zero day vulnerabilities as compared to 23 in 2013.


Zero-day vulnerabilities are vulnerabilities against which the vendor has not released a patch. The absence of a patch presents a threat to organizations and consumers alike, because in many cases this type of threat can evade the purely signature-based detection techniques used by anti-malware software until a patch is released.

Zero-day vulnerabilities, if found by fraudsters, will be exploited by them more easily than otherwise. Sometimes the vendors come to know of the vulnerabilities but are unable to release a patch and, for fear of reputation and business loss, remain silent and do not announce the presence of unpatched vulnerabilities. This makes them complicit in the frauds that occur and should make them legally liable if law takes its normal view on such “negligence”.

When a Cyber Insurer has provided a liability insurance, he is also at a great disadvantage when Zero day vulnerabilities are exploited since security professionals may find it difficult to counter threats targeting such vulnerabilities.

The Study lists the 24 Zero day vulnerabilities found in 2014 and it is observed that 16 of them relate to Adobe. It includes vulnerabilities in Adobe Flash player as well as Reader. Microsoft accounts for 7 and the other is on Linux.

The study notes that its database has over 62300 vendors, for whom 62400 recorded vulnerabilities have been found. It also states that the top 5 vulnerabilities were exploited for a combined period of 295 days during the year, highlighting the risks that we are facing.



1 million new threats a day..is what Internet users face..says Symantec Study

The Cyber Crime study recently released by Symantec captures the status of Internet risks in 2014. Titled Internet Security Report (ISTR 20), the report with its annexures provides an in-depth insight into the threats and vulnerabilities that most of us face on a day-to-day basis.

The first thing that any observer of the Internet should note is that the study points out that in 2014 more than 317 million new pieces of malware were created, meaning that there were nearly 1 million each day (leaving Sundays).

What is equally alarming is that the study points out that Symantec's database of vulnerabilities consists of 66400 recorded vulnerabilities from 21300 vendors representing over 62300 products.

With such a huge number of vulnerabilities in genuine software and the vast number of threats, the Cyber Risk poses an enormous challenge to everybody.

The report in fact marks that the year 2014 was notable because of the high profile “Vulnerabilities” such as “Heartbleed”, “ShellShock” and “Poodle”.

Another interesting observation in the study is that, apart from focusing on the exploitation of Zero day vulnerabilities, attackers moved much faster to exploit published vulnerabilities than defenders moved to release patches.

During the year 24 Zero Day vulnerabilities were discovered. Vendors took 204 days, 22 days and 53 days to release patches for the three top Zero day vulnerabilities. Top 5 Zero day vulnerabilities were used by attackers actively for a combined 295 days before patches were available. In 2013 this period on an average was only 4 days highlighting the increasing risk that the community faced during the year due to the inefficiency of the software industry.

These findings indicate that there is a lot of ground that the industry has lost to the Cyber Crime industry and this needs to be recovered.

We need to analyse the report in greater depth to understand how the growth of Mobile apps on the one hand and Cyber terrorism on the other has contributed to the growing insecurity in the Cyber world.

The findings of this report will inevitably have an impact on the Cyber Insurance industry, which needs to take a re-look at its policies, premia etc.

(More details of the report would be discussed in the forthcoming articles)



Beware of this Call from 90699 35661

Today, I received a telephone call from the mobile number 90699 35661 which appears to be an attempted fraud. I am placing this for public attention so that people do not respond to the call. At the same time, the Internet Service Provider involved namely, Videocon is being notified for necessary corrective action.

The caller who was a lady made a call to my mobile at 14.50 hours and stated that she was calling from Consumer Court in Delhi and was informing that a 420 case has been filed on me. When I asked for the name of the person and further details of which court, she disconnected.  Afterwards, when I tried to call back, there was no response.

Some of my friends have subsequently informed me that they are aware of such calls and in one case the caller suggested help to resolve the case through a lawyer and wanted the person to contact the lawyer.

I would like the public to be informed of such fraudulent calls and request them not to respond.

I also hereby give public notice to the Mobile Service Provider which according to information taken from the web appears to be Videocon in Himachal Pradesh that this incident indicates that they are abetting a crime by providing facilities of telephone connectivity to the fraudster.

I am expecting them to take action to deactivate the account to prevent any further frauds.

I also expect Police in the relevant area to take suo moto action since this is not an isolated attempt but is an organized syndicate that is running a call center to commit such frauds. I wish some responsible police officer takes up this case and busts the racket.




Paris Attack Fall out.. Bitcoin is in danger of going into Extinction.

One of the inevitable fallouts of the global outrage on ISIS after the Paris attack is an attempt by all countries to choke ISIS of its funding sources. It is estimated that ISIS holds a huge stock of Bitcoins, which is the known standard currency for cyber criminals and terrorists.

After the Silk Road expose, Bitcoin suffered a major blow as it acquired the notoriety as the choice currency of the underworld. However it was slowly coming out of the reputation crisis and trying to re-establish itself on the strength of the momentum gained by a large number of non criminal owners of Bitcoin.

From its glorious days of 2014 when Bitcoins were valued at over Rs 65000/- in India, the value has now tumbled down to around 20940/-  at present. In the last two days, the international price of BTC has dropped from around $340 to around $315. In the current trend it may test the $250 support line and head further south.


The current crisis now has brought global attention on Bitcoins and many Governments are considering “Demonetizing” (Banning) Bitcoins. It is interesting to note that the readers of mirror.co.uk have voted in a 53% majority (as of now) that Bitcoin should be banned. (Read this article in mirror.co.uk)

With Bitcoin having now been flagged as the currency used by ISIS, more countries may move in to ban the currency. This could seriously threaten the very existence of Bitcoin.

This does not mean that this is the end of the “Crypto Currency” as a means of digital payment system though for many Bitcoin is a synonym for “Crypto Currency”.  But Bitcoin has been tainted to such an extent that most of the Bitcoin holdings might have once passed through an illegitimate transaction and hence carry the tag of “criminality”. Legally, Bitcoin being a commodity, a “Stock once tainted remains always tainted”. Hence a majority of Bitcoins (unless they have been mined by the holder or a known source) will be considered as illegal even if the holder has bought it with his hard earned taxed and declared income. It is difficult therefore to see a recovery of the value of Bitcoins in the near future.

In the meantime, Anonymous Hacker group has vowed to take the war into the ISIS camps and is trying to identify the Bitcoin wallets owned by ISIS. It would be in the interest of the Bitcoin community if ISIS holdings of Bitcoins can be identified and disabled so that the ISIS taint can be removed to some extent.

It is therefore advisable for all genuine holders of Bitcoin who are holding Bitcoin as an investment to immediately exit and cut their losses. The value is expected to drop further in the next few days and it will be a long time before it recovers if it recovers at all.




Beware of Malware carrier and Hoax emails on ISIS-Paris attack themes

As could be expected after any global catastrophic event, the ISIS attack in Paris has also given rise to fraudulent e-mails. Some of them could be hoax emails and some could be carrying malware, prompting the receiver to click on a link.

Public should be careful not to fall prey to such e-mails.

Some of these e-mails or messages are also circulating in WhatsApp.

Some of the reported hoax mails/messages are:

1. Singapore Police Notice
2. We All Paris Hoax

These may be considered as indicators of what is to be expected. Some of the fraudsters will include spear phishing mails which may say something like the following:

“Police in Paris identify an employee of xxx company as a suspect of Paris attacks. Click here for the photo released by the Police.”

Such an email may be sent to all employees of the organization named in the e-mail, prompting them to immediately open the e-mail to see which of their colleagues is a suspect, and thereby invite malware.

Public should therefore be extremely careful to avoid opening any attachments in an e-mail and also avoid circulating hoax mails in the belief that it is true. Such forwards may entrap the receivers since they would consider it as a message coming from a known person.

