Predictions for Enterprise Attacks in 2009
Here's a few brief thoughts on the outlook for attacks against the IT systems of enterprises this year. In this article on SearchSecurity by John Strand, he points to some exploits that are just twists of what is already out there.
Strand sees the return of operating system attacks, possibly linked to web attacks, like cross-site scripting (XSS), more strains on anti-virus products with easily crafted and undetectable exploits from Metasploit 3.2 and the continuation of wireless attacks.
He also suggests limiting web access to employees, since most breaches of corporate networks are through malware from sites accessed by staff. The web vector, he says, continues to be the easiest way to skirt even the toughest of corporate IDS and firewalls.
Strand sees the return of operating system attacks, possibly linked to web attacks, like cross-site scripting (XSS), more strains on anti-virus products with easily crafted and undetectable exploits from Metasploit 3.2 and the continuation of wireless attacks.
He also suggests limiting web access to employees, since most breaches of corporate networks are through malware from sites accessed by staff. The web vector, he says, continues to be the easiest way to skirt even the toughest of corporate IDS and firewalls.
posted by The IT Security Guy at 10:45 PM
0 Comments:
Post a Comment
<< Home