M86 Security released a new report revealing its Security Labs research
results based on the primary attack vectors on the Web and how the common
approaches used to fend off these attacks stand up in today’s dynamic threat
The report titled "Closing the Vulnerability Window in Today’s Web
Environment,” discloses both quantitative research on the percentage of Web
threats correctly identified by URL filtering (3%) and Anti-virus scanning (39%)
over the course of last month and three real-life studies of specific attacks,
which are increasing in frequency: dynamic obfuscated code, hacking of
legitimate Websites, and zero-day vulnerabilities.
In February 2010, Security Labs collected and tested more than 30,000 live
malicious URL samples against the typical tools of third-party URL lists and
anti-virus scanners. The analysis found that in the best case scenario, 6 in 10
malicious URLs pass unnoticed through anti-virus scanners and URL filtering,
even when these two approaches are used together.