SANS Highlights Twenty Top Hacker Targets
During its yearly appraisal of the biggest security troubles detected this year, the SANS Institute on November 15, 2006 named zero-day strikes and human naivety as being responsible for phishing attacks or several social engineering activities to be amongst the grim practices of 2006. SANS Institute and security specialists from the technology sector and government establishments alert against network traits that could compromise an organization.
SANS has highlighted some regular defendants in its list of leading 20 strike victims, - incorporating Microsoft Windows, Internet Explorer browser, and Web applications. However, a significant fact is that danger against current technologies is greater.
A noticeable rise in zero-day strikes aiming unpatched flaws also indicates difficulties for client's hoping to progress. Microsoft's browser Internet Explorer has been cited as one of the Web's leading 20 cyber-terrorist victims by a foremost security company. On November 15, 2006, the SANS Institute confirmed Microsoft Office and Windows Libraries and Services to be among the weakest programs accessible on PCs nowadays.
Both Microsoft and Apple Computer's Mac OS X with "configuration flaws" in Unix were classified in the yearly catalog.
The strike patterns indicate a constant move beyond the previous "loud," conspicuous virus and worm strikes, to more surreptitious strikes through trojans and other malicious software, declared Alan Paller, research director of SANS, at a press conference.
A spurt in Internet application strikes in 2006, has forced the organizations to reconsider the need to concentrate in this area, stated SANS's chief technology officer Johannes Ullrich.
TippingPoint's chief scientist Rohit Dhamankar, also a SANS member, clarified some recent security risk patterns.
"We've witnessed many zero-day flaws during 2006. Another important concern is the increasing strikes on Internet applications. A sustained increase in 'spear-phishing' strikes from Asia and Eastern Europe has also been reported." Therein spear-phishers, send e-mails resembling corporate messages to a certain set of individuals in that firm, who may be encouraged into opening its malevolent contents.
SANS also cited Web applications, media players, peer-to-peer (P2P) file-sharing code, VoIP (Voice over Internet Protocol) telephones and persons as few of the simplest victims for cyber-terrorists.
Related article: SMEs in Britain Widely Suffer from E-Crime
» SPAMfighter News - 20-11-2006