Computers have become a need and not a want anymore in the modern era. Without computer, human can’t perform most of their daily routine. One of the major functions of computer is to create, store and manage information. Therefore, it is important for users to have the basic knowledge to protect the data from losing, damaging, and misuse.
However, nowadays computer users are facing the threats of cyber crime, phishing, internet and network attacks such as computer viruses, worms and Trojan horses and back doors.
NOT SAFE!!!
Twenty years after the release of the Morris Worm, one of the first worms discovered on the Internet, the Web has proven to be the primary place where bad guys lurk, looking for poorly secured websites to plant malicious code. And, they find plenty.
According to the 2009 Security Threat Report [PDF] from Sophos, one new infected Web page is discovered every 4.5 seconds. With that in mind, we thought we'd take a look at the top security threats you should be looking out for in 2009.
SQL Injection Attacks
The Sophos research showed that over the past year the number of SQL injection attacks against innocent websites increased, a trend Sophos expects will continue next year.
Web insecurity, notably weakness against automated remote attacks such as SQL injections, will continue to be the primary way of distributing web-borne malware.
A recent report from the Internet Crime Complaint Center also points to an increase in SQL injection attacks in 2008, specifically relating to financial services and the online retail industry. Unfortunately, cyber criminals prey on the needs of Web users at any given time, and this time the economic crisis is their meal ticket.
The article is well worth reading if you're interested in how attackers compromise websites by SQL Injection or if you want ideas on how to reduce the likelihood of intruders gaining access to your private data.
Third Party Advertising Agencies and Scareware
In February 2008, Sophos confirmed a 'poisoned Web advertising campaign' on BBC competitor ITV's website that affected both Windows and Mac machines. While we've all seen Scareware, the pop ups designed to scare people into buying anti-virus software, this is the first time it has been seen for the Mac.
According to Sohpos, a Flash file was injected into traffic served up by ITV.com via third party advertisin
g agencies. Designed to promote a program called Cleanator (Windows) or MacSweeper (Macs), the programs claimed to detect "compromising files" and encouraged users to purchase a full version of the package.
As websites often use third parties to serve up their advertising, Graham Cluley, senior technology consultant at Sophos suggests taking care when selecting agencies. "Website owners should ask the third party agencies they use what procedures they have implemented to positively vet the adverts that they deliver for malicious content or unsavory links.
Social Networking Sites
With social networking on the rise, the bad guys have found yet another playground on the Web. The Sophos report reveals 1800 Facebook users had their profiles defaced in August by an attack that installed a Trojan while displaying an animated graphic of a court jester.
Gated sites appeal to the bad guys because they form a "launching pad" for mass distributing malware attacks and spam, like the recent Koobface Trojan which attacked both MySpace and Facebook and transformed victim machines into zombie computers to form botnets.
Twitter too has become a tool for cyber criminals to distribute malware and marketing messages. In many cases, the bad guys steal members' usernames and passwords and bombard the victims' friends with marketing messages or direct them to third party websites. With Twitter especially, it is difficult to discern where links are going due to the 140 character limit and the use of services that shorten URLs.
On the flip side however, Chris Boyd of FaceTime Security Labs at this years RSA Conference explained that social networking sites are incredibly useful for security researchers. "The people that create these things have been on social networking sites since the beginning; they need to be on them a lot to understand them intimately enough to exploit them. But many times they leave a trail online that we can use to track them, to find out things like their names, ages and friends."
There are more others Top security threats in 2009. IF you are interested, do visit TOP ONLINE SECURITY THREAT FOR 2009.
Reference:
http://www.readwriteweb.com/archives/top_online_security_threats_for_2009.php
No comments:
Post a Comment