Cisco Points the Finger at Java as the Leading Indicator of Compromise

The Cisco 2014 Annual Security Report found that Java represented 91 percent of all Indicators of Compromise (IOCs) in 2013.

What that means is that the final payload in observed attacks was a Java exploit, Levi Gundert, technical lead, Cisco Threat Research, Analysis, and Communications (TRAC), explained to eWEEK.

The Java data comes into the Cisco threat report by way of the Sourcefire Vulnerability Research Team (VRT), which became part of Cisco in 2013 with the $2.7 billion acquisition of Sourcefire.

“I was surprised to see that the Java IOC number was 91 percent,” Gundert said. “There were a number of Java zero days that were used in various attacks, but there were also a ton of well-known Java vulnerabilities that were packaged into various exploit packs.”

Read the full story at eWEEK:
Java Primary Cause of 91 Percent of Attacks: Cisco

Sean Michael Kerner is a senior editor at Follow him on Twitter @TechJournalist.

News Around the Web