Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
SQL injection attack was used to propagate the malicious code that exploited zero day vulnerability in Microsoft Internet explorer last year. [Symantec, (2009 ) pg. (47)] the aim of the attackers employing this kind of a generic attack is to exploit the trust of visitors of a website that is usually known to be safe and secure. More recent attack involving a web application was the zero-day attack that exploited multiple vulnerabilities in Adobe Flash Player. [Kaspersky Lab, 2009]
Conclusion
There is a clear change in the computer security scenario. Cybercriminals do not just do it for fun or fame anymore but are getting more professional and monetizing their skills in the underground economy. Phishing, identity theft and stealing of valuable personal and financial information would continue to be a major nuisance in the coming years. A new form of attack using seemingly safe data files such as PDFs, media files, etc., will become more common in the coming years as criminals are employing different obfuscation techniques to evade AV detection. There will be more attacks on webkit-based browsers that are used in mobile Internet devices such as iphones. Web browsers will continue to be the most targeted software for attacks as these are the most used agents for almost all Internet related applications. As always, prevention is better than cure. Even a common sense approach such as logging in as a user instead of administrator ("principle of least privilege') would limit the extent of damage to a great extent. Updating antivirus software, operating...
g system and other software regularly and using sensible precautions such as regular backups would certainly eliminate the risk or atleast minimize the damage of a malware attack.
Bibliography
1) ESET, (DEC, 2008), 'ESET Annual Global Threat Report', Retrieved Oct 30th 2009, from, http://www.eset.com/threat-center/threat_trends/EsetGlobalThreatReport (Jan2009).pdf
2) Symantec, (Apr 2009), ' Symantec Global Internet Security Threat Report', Retrieved Oct 30th 2009, from, http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_internet_security_threat_report_xiv_04-2009.en-us.pdf
3) Eugene Kaspersky, (2006), 'Changes in the Anti-Virus Industry', Retrieved Oct 29th 2009, from http://www.kaspersky.com/in/reading_room?chapter=188361044
4) Symantec, (Sep 2007), ' Symantec reports Cyber Criminals Are Becoming Increasingly Professional', Retrieved Oct 29th 2009, from http://www.symantec.com/about/news/release/article.jsp?prid=20070917_01
5) Alexi Oreskovic, (2009) 'Hacker Attacks Silence Twitter, Slow Facebook', Retrieved Oct 29th 2009, from http://www.reuters.com/article/internetNews/idUSTRE57548520090806
6) Thomas Claburn, (July 2009), 'Microsoft Warns of 'Browse-and-Get-Owned' Attack', retrieved Oct 30, 2009, from, http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=218400787
7) Kaspersky Lab, 2009, ' Adobe Flash Player Multiple Vulnerabilities', retrieved Oct 30th 2009, from, http://www.viruslist.com/en/advisories/35948
Bibliography
1) ESET, (DEC, 2008), 'ESET Annual Global Threat Report', Retrieved Oct 30th 2009, from, http://www.eset.com/threat-center/threat_trends/EsetGlobalThreatReport (Jan2009).pdf
2) Symantec, (Apr 2009), ' Symantec Global Internet Security Threat Report', Retrieved Oct 30th 2009, from, http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_internet_security_threat_report_xiv_04-2009.en-us.pdf
3) Eugene Kaspersky, (2006), 'Changes in the Anti-Virus Industry', Retrieved Oct 29th 2009, from http://www.kaspersky.com/in/reading_room?chapter=188361044
4) Symantec, (Sep 2007), ' Symantec reports Cyber Criminals Are Becoming Increasingly Professional', Retrieved Oct 29th 2009, from http://www.symantec.com/about/news/release/article.jsp?prid=20070917_01
5) Alexi Oreskovic, (2009) 'Hacker Attacks Silence Twitter, Slow Facebook', Retrieved Oct 29th 2009, from http://www.reuters.com/article/internetNews/idUSTRE57548520090806
6) Thomas Claburn, (July 2009), 'Microsoft Warns of 'Browse-and-Get-Owned' Attack', retrieved Oct 30, 2009, from, http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=218400787
7) Kaspersky Lab, 2009, ' Adobe Flash Player Multiple Vulnerabilities', retrieved Oct 30th 2009, from, http://www.viruslist.com/en/advisories/35948
who have access to the network do not maintain proper security procedures and remain well-informed regarding potential risks and updated procedures and policies (Cobb, 2011; Whitman & Mattord, 2011; ICR, 2008). Any security policy must, after being properly designed and established, be communicated clearly and comprehensively to all relevant personnel, which in today's organizations typically means anyone with access to a company computer and/or the company network, or who
Computer Security Information In the 21st century, information is the key to almost every organization's success. Data is the lifeblood of business -- the information one uses to be competitive and the information that spells success or failure in the marketplace. Data is so important that an entirely new security focus has arisen -- Computer Information Security. In an era in which we must choose which issues for focus, the issue
His study includes the following; The U.S. government through the executive to provide appropriate leadership to steer the country in the domain of cyber security. The state to conduct immediate risk assessment aimed at neutralizing all the vulnerabilities. The creation of an effective national security strategy as well as the creation of an elaborate national military strategy. Molander (1996) uses a qualitative research approach and methodology .The method used is constructive. The constructive
Computer Security is vitally important to the success of any 21st century firm. However the integrity of computer security has been greatly compromised in recent years and hackers have found creative ways to invade computer systems. The purpose of this paper is to assess how vendor's solutions enable organizations to better meet their overall business goals and strategies. We will also discuss the security of several vendors, which include www.requisite.com,
Computer Security by Rozeberger and Zeldich. The tutorial gave a basic overview of computer security, including viruses, worms, and Trojan horses. It discussed how to avoid attacks or at least to become aware of the potential of attacks. The tutorial also looked at how hackers work, to help explain how breaks are performed. I chose this tutorial because I believe that computer security is one of the most significant
Information Technology Security for Small Business The need for protecting a business's information is crucial in the modern business world regardless of the size of the business. In light of the increased technological advancements that generate numerous threats and vulnerabilities, protecting a business's information is as significant as safeguarding every other asset. Actually, businesses are facing the need to protect information in a similar manner like safeguarding employees, property, and products.