(CP) - Highlights of Symantec's 10th Internet security threat report:
-Microsoft Internet Explorer most frequently targeted web browser; accounted for 47 per cent of all browser attacks.
-United States target of the most denial-of-service attacks - 54 per cent of worldwide total - while Internet service providers most frequently targeted sector.
-United States top country of attack origin, 37 per cent of worldwide total.
-Symantec documented 2,249 new vulnerabilities in first six months of 2006, up 18 per cent over second half of 2005, highest ever recorded in a six-month period.
-Web-application vulnerabilities made up 69 per cent of all vulnerabilities in reporting period.
-Eighty per cent of newly disclosed vulnerabilities considered easily exploitable, with 78 per cent of that total affecting web applications.
-Internet Explorer had average window of exposure of nine days, followed by Apple Safari at five days and Mozilla one day.
Malicious Code Trends
-Eighteen per cent of all distinct malicious code samples detected by Symantec "honey-pot" system in first six months of 2006 not previously seen.
-Most prevalent new malicious code was Polip family of polymorphic viruses, elusive and hard to remove.
-Worms made up 38 of top 50 malicious codes.
-Symantec documented 6,784 new Win32 viruses and worms.
-Thirty of top 50 malicious code samples exposed confidential information.
Phishing and Spam
-Symantec detected 157,477 unique phishing messages in first half of 2006, up 81 per cent over previous reporting period, with financial services most heavily phished.
-Spam made up 54 per cent of all monitored e-mail traffic, up 50 per cent.
-U.S. source of 58 per cent of all spam detected worldwide.
-Use of polymorphic viruses likely to grow because they're hard to detect and remove.
-Growth of web-based applications will increase attack potential, exposing large numbers of users to more attacks.
-Microsoft's Windows Vista operating system, scheduled for release in 2007, likely to be a battleground as researchers try to find and document its shortcomings and hackers try to circumvent its new security features.