TippingPoint Digital Vaccine Laboratories

Top Cyber Security Risks 2010

Today, DVLabs released our Top Cyber Security Risks Threat Report for 2010. With help from the folks at SANS, Qualys and OSVDB, we highlight the latest attack and vulnerability trends and explore what these trends mean to the security administrator.

In the report we explore data showing across-the-board increases in web application attacks in the face of relatively stable numbers of new web application vulnerability discoveries, indicating that more and more attackers are chasing the same set of vulnerable applications. We also show the latest ZDI vulnerability trends, including statistics on the rise in the number of identical zero-day vulnerabilities independently discovered at roughly the same time by ZDI researchers and third-party researchers.

Not only are these attacks becoming more common, but we explain in detail the alarming level of complexity and sophistication found in live, modern-day SQL Injection, PHP File Include, and PDF attacks. Gone are the days of simple, harmless proof-of-concept attacks. Modern-day attackers employ organized, well-written, and highly sophisticated exploit code to do their deeds.

Also, with help from Qualys, we analyze patch cycle trends of popular software and show how much automatic patching features improve how fast users apply patches.

Finally, with the help of SANS, we detail from start to finish the anatomy of a PDF exploit and how these exploits are used against their victims to exfiltrate data from the internal network.

If you are interested in any of the topics discussed in this year’s report, please be sure to download a free copy of the report located here.

Published On: 2010-09-16 07:23:34

Comments

  1. Anonymous commented on 2010-09-16 @ 09:18

    The report is missing its PDF file extension.

