During his speech, Schouwenberg highlighted a recent surge in "legitimate website" attacks. Pornographic Web sites and sites offering illegal software downloads are no longer the primary target for cyber criminals.
While Web browsers and operating systems are still under threat, cyber criminals are also turning to other applications. This is for a number of reasons, including simplistic security coding, a reluctance by users to pay for new updates and the widespread use of pirated software. According to Kaspersky Lab's research, major targets include Apple QuickTime, Sun Java JDK/SRE, Microsoft PowerPoint, Microsoft Word Smart Tag, Adobe Flash Player, Microsoft Excel, Microsoft Outlook, Microsoft XML Core Services, Microsoft Publisher and Adobe Acrobat Reader. Microsoft, Adobe and Apple remain the most commonly targeted vendors.
Malicious PDFs and Office documents remain a popular means of sending targeted attacks via e-mail. Schouwenberg also discussed the inner workings of the Kaspersky Security Network, a new tool for home users that gathers statistics from vulnerable applications during each system scan. This information can then be used by Kaspersky Lab researchers to combat future attacks.
Schouwenberg listed several ways to fight the malware problem, including blocking computer access to known malicious Web sites, behavioural monitors that look for suspicious activity, scanning the system for vulnerable applications and educating end users.