Cyberdefenses are misdirected, report says
Organizations are finding it difficult to prioritize defense strategies against cyberattacks because most of them do not have an Internet-wide view of the attacks, according to a report from SANS Institute, the security training organization. As a result, two security risks--Web applications and phishing--carry the greatest potential for damage, even though users instead tend to concentrate on less-critical risks.The report, published by security training organization SANS Institute, amalgamates global data from security attacks on computers from March to August.
It identifies two main defense priorities for enterprise users. The first is targeted e-mail attacks, or spear phishing, that exploit client-side vulnerabilities in programs such as Adobe Systems' PDF Reader and Flash, Apple's QuickTime, and Microsoft's Office. These applications are described as the "primary initial infection vector used to compromise computers that have Internet access" and are the result of attackers taking advantage of "programming errors that are not being picked up by common vulnerability scanners."
The second priority is vulnerable sites. More than 60 percent of attacks are against Web applications and More...
09-15-2009 09:46
Current Focus
Latest News
- Snapshot of global internet speeds revealed
- China renews Google license, ending standoff
- U.S. aims to detect cyber infrastructure attacks: report
- Hackers target Microsoft Windows XP support system
- FCC to toughen internet rules
- Supreme Court rules on employer monitoring of cellphone, computer conversations
- Computer Experts Face Backlash
- Apple patent bid combines solar with touch screen
- Adobe reports critical flaw in Flash, Acrobat
- Google phases out Microsoft Windows use: report