S21sec presents its first ‘Vulnerability Report’ prepared by the Ecrime team integrating the experts of the company in charge of detecting and resolving Internet offences affecting organisations 24 hours a day, 365 days a year. This report gathers the information on vulnerabilities detected by S21sec during this last decade, from 2001 to December 2011, and it intends to build an image of the main threats currently affecting companies and institutions, as well as users.
This ‘Vulnerability Report’ includes all the vulnerabilities detected during the last year. 2011 has been a year marked by the appearance of a large number of high-risk vulnerabilities and the number of vulnerabilities remained relatively constant between months, except for March. The third month of the year registered a high number of vulnerabilities on Apple software which affected a large number of their products, such as iTunes, Safari, Apple IIOS, Mac OSX and iPhones IOS, among others.
We have detected an increase of vulnerabilities during 2011, with growing remote exploitation of vulnerabilities and a sophistication of industry-oriented Trojans such as the case of Stuxnet or Duqu. However, a changing tendency can be observed in browsers where a change can be seen in the exploitation of vulnerabilities from Firefox to Chrome as the latter is reaching the highest market share.
During this year we will still see increasing vulnerabilities to mobile devices with operating systems such as Android or iPhone OS. There are currently 5,600 million mobiles in use (around 77% of the world population has one), amongst which 468 million are Smartphones and this number is estimated to reach 631 million by 2015, thus, logically, the risk of vulnerabilities will also increase to more users and more devices.
This ‘Vulnerability Report’, prepared by the S21sec Ecrime unit, can be downloaded here.