The U.S. has the dubious honor of hosting more malicious web domains than any other country, a cybersecurity firm said this week.
A distant second was the Netherlands and even more distant were Russia and China, tied at seventh place, Palo Alto Networks said in a report this week, covering the second quarter. In fact, there was a steep drop-off of malicious domains hosted in Russia and China compared to the first-quarter, as China fell from the No. 2 spot, Palo Alto said.
Outside of the U.S. and the Netherlands, “hosted malicious domains dropped markedly across the globe,” the report added.
The U.S. also topped the rankings for exploit kits – used to launch attacks – at researchers. The U.S. was the number one source for the Grandsoft, Sundown, and Rig exploit kits and the number two for KaiXin.
The United States alone accounted for more exploit kits globally than all other countries combined, the report said.
Windows applications, and their vulnerabilities, remain very popular with attackers.
A vulnerability, identified as CVE-2016-0189, was at the top of the list, affecting Microsoft Internet Explorer and Microsoft Visual Basic programming language. This jumped to 472 malicious URLs in the second quarter, up from 219 in the first quarter.
The number two – and newest – vulnerability (CVE-2018-8174) also targeted Visual Basic and was exploited by 291 malicious URLs, the researchers said.
This took advantage of the “Double Kill Version 1” exploit. The researchers found the first active exploit in the wild on May 12, four days after a fix was issued. “It is interesting to point out that it took four days for threat actors to create and weaponize the exploit after Microsoft’s disclosure of the vulnerability,” the researchers said.
Surprisingly, malware still exploits security holes discovered more than nine years ago in Windows.
A nine-and-a-half-year-old Microsoft Internet Explorer 7 vulnerability ranked high as did another equally-old vulnerability that affects Microsoft Internet Explorer 5, 6 and 7, Palo Alto Networks researchers said.
Cybercriminals are not picky “as long as they get to infect a good amount of computers,” according to cybersecurity news site Bleeping Computer, which cited the report.
Adobe Reader was also a popular target.
“Based on our findings, our guidance is for organizations to focus on ensuring Microsoft Windows and Adobe Flash and Reader are fully up to date with the latest versions and security updates,” Palo Alto Networks said.
An online game for “The Lord of the Rings” was announced on Tuesday. (New Line Cinema) Will this be the “one game to rule them all”? “The Lord of the Rings” is getting a “multi-year” online game as the result of an arrangement between Athlon Games and Middle-earth Enterprises, according to a Tuesday news release. Middle-earth...
Fears of a Terminator-style robot war could prevent society benefiting from artificial intelligence, an expert has warned. Prof Jim Al-Khalili says AI could lead to a bigger revolution than the internet, if the public learns about the science rather than the science fiction. In the Terminator films, starring Arnold Schwarzenegger, an artificial intelligence system called...