The IBM X-Force security report for 2010 has shown organisations facing increasing vulnerabilities due to software failings and a multiplicity of endpoint devices.
Last year saw the largest number of software vulnerability disclosures since IBM began keeping records; 8,562 were recorded by the team, up 27 per cent on 2009. Almost half of these were web vulnerabilities, and this is key to organisations trying to manage their security infrastructure, the report found.
"Those are just the ones that are publicly disclosed," Tom Cross, threat intelligence manager at IBM X-Force, told V3.co.uk.
"There are a lot of vulnerable web apps and we see huge surges in SQL injections and other attacks. It's a totally automated attack methodology to try and hit every web application they can."
Software manufacturers aren't helping, the report found. Over 40 per cent of vulnerabilities disclosed in 2010 had no patches available by the end of the year.
At the same time companies are having to deal with a range of mobile devices accessing corporate networks. So far there haven't been large-scale attacks on mobile networks but that will come soon, the report said.
"It's about the business model for the bad guys," Cross said. "For some of these new areas that business model hasn't developed yet, with mobile malware a case in point."
One of the advantages mobile software vendors have is the ability to block and remotely delete malicious applications, Cross said. Nevertheless vulnerabilities are there and, as mobile browser use increases, these will become more apparent.
Spam and phishing rates look to have levelled off for the time being, the report found. Spam rates have fallen slightly after years of rising, a decline aided by botnet takedowns.
More than three out of four phishing targets were American financial institutions, with 22 per cent of the rest in Europe. Phishing has, however, moved from larger institutions down to smaller banks and credit unions.