Hi quod

You asked about malware and vulnerabilities? I would guess that maybe 95% of malware written in the last 6 months uses "vulnerabilities", generally in the operating system.

Viruses are by far the oldest malware, and tend to rely on stealth & infection. Trojans tend to rely on User stupidity to run them. Worms just travel the net, and frequently rely on an unwary user to unleash them. Some are network aware, and use vulnerabilities in the OS.

DoS and DDoS attacks rely on machines having already been taken over. Of themselves, they just generate massive traffic to swamp a target. The means of the "bots" getting taken over might be by exploitation of a vulnerability, but could be a trojan that an unsuspecting user has launched, probably from an e-mail attachment.

Nukes and vandals are crude, full frontal destructive assaults. They may or may not exploit vulnerabilities in the operating system. (Buffer overflows and suchlike)

I think the message is that current trends are for exploits based on vulnerabilities in the operating systems, rather than the stealth and infection that I usually associate with viruses.

We have actually seen a decline in the social engineering approach I think... that is where the User is fooled into opening an attachment (running a script) that loads the malware.

To make things even more complicated, there has been a trend of late for malware to use more than one method, so they don't fall nicely into categories any more.

Now that I am sure I have totally confused you, I might as well join DeafLamb and get drunk

Have a good week-end

EDIT: Sites?...Try CERT, CIAC and the Microsoft Security Bulletins themselves.


Cheers