Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Java Attacks Jump as User Patching Lags: Kaspersky Lab

A new study by researchers with Kaspersky Lab found that the number of attacks on their customers exploiting Java reached more than 14 million between September 2012 and August 2013.

A new study by researchers with Kaspersky Lab found that the number of attacks on their customers exploiting Java reached more than 14 million between September 2012 and August 2013.

The situation may be exacerbated by many users not keeping up to date with patches. According to Kaspersky Lab, of the 161 vulnerabilities detected in various versions of Java during the life of the study, most were in versions 1.5, 1.6 and 1.7, which are the most prevalent versions of the software.

“Remarkably, SE 6 U37 — released back in October 2012 — was the most recent version of Java 1.6 in the Top 10 most commonly used versions,” according to the report. “The conclusions are obvious: one and a half months after the release of the latest version of Java, most users are still working with vulnerable versions.”

Java security has had a rough year from both a security and a public relations standpoint. The presence of high-profile vulnerabilities and activity by attackers arming exploit kits with attack code prompted Oracle in January to pledge security improvements and additional outreach to educate the Java user community.

According to Kaspersky, the increase in attacks represents more than 33 percent increase since September 2011 and August 2012. Fifty percent of all the attacks were launched using just six families of Java exploits.

Most of the attacks (80 percent) between occurred in 10 countries, with the top three being the United States, Russia and Germany.  

A slight uptick in attacks was detected between March and August, when 8.54 million of the attacks were observed. During that period, 31.14 percent of the attacks were traced to servers hosted in the United States. Roughly 18 percent of the attacks were found to have originated in Russia.

“Oracle has patched all critical vulnerabilities, and information about these patches was disclosed during the period addressed in this report,” Kaspersky’s report noted. “In some cases, just a couple of days passed before a patch was released. All the same, the number of attacks and the number of users subjected to these attacks continued to rise.”

Written By

Click to comment

Expert Insights

Related Content

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Cyberwarfare

Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.

Malware & Threats

Cybercrime in 2017 was a tumultuous year "full of twists and turns", with new (but old) infection methods, a major return to social engineering,...

Malware & Threats

Norway‎-based DNV said a ransomware attack on its ship management software impacted 1,000 vessels.