Welcome to the August edition of the Symantec Intelligence report. Symantec Intelligence aims to provide the latest analysis of cyber security threats, trends, and insights concerning malware, spam, and other potentially harmful business risks.
August was a big month for zero-day vulnerabilities, in which a total of 11 were reported. This is by far the largest number disclosed in a given month to-date.
Six of these zero-day vulnerabilities impact industrial control systems, devices used in industrial sectors and critical infrastructures, across five vendors. The vulnerabilities cover a wide range of possible attacks, including remote code execution and denial of service attacks.
Two further zero-day vulnerabilities were discovered in the Apple OS X operating system. When used in tandem, these two vulnerabilities can cause memory corruption in the OS X kernel and gain the attacker escalated privileges on the compromised computer.
These vulnerabilities come on the heels of a new OS X threat called OSX.Sudoprint. This threat exploits a local privilege escalation vulnerability in the OS X operating system, which was patched by Apple at the beginning of August. This threat comprised over 77 percent of the OS X threats we saw on OS X endpoints this month.
Ransomware attacks were down in August, where over 155 thousand attacks were detected. While ransomware attacks appear to be down to their lowest levels in the last 12 months, we have reason to believe that attackers have shifted tactics and are currently pushing fake security software, such as FakeAV threats, instead. However, crypto-ransomware continues to grow, setting another monthly high for the year.
In other news, the Transportation, Communications, Electric, Gas, & Sanitary Services sector was by far the most targeted sector during August, comprising 52 percent of all targeted attacks. Small businesses with less than 250 employees also made up the majority of organization sizes, where 78.4 percent of spear-phishing attacks were reported.
We hope you enjoy the August Symantec Intelligence Report. You can download your copy here.