How the security threat landscape will evolve this year
by Lamar Bailey - Director of Security Research and Development for nCircle - Wednesday, 16 January 2013.
The Mal/ExpJS code in that case was notable for attempting to evade detection by being obfuscated (hidden) using a complex methodology that relied on a Web drive-by download attack vector as a means of infection.

Zero-day Web browser threats

This leads us nicely into discussing the fifth of our top five vulnerabilities, that of zero-day Web browser threats. Internet Explorer has come a long way since version 1.0 saw the first light of day in the mid-1990s, but the Web browser client’s evolution over the last 12 months has been rapid, adding a swathe of new features to the previously laggardly Web browser client.

In September 2012, several researchers warned of a new zero-day exploit for Internet Explorer, which – owing to its severity led to some firms advising users to switch to using another Web browser until the security flaw was remediated by Microsoft. Some reports suggested that the flaw affected as many as 32 per cent of Web users worldwide, owing to the penetration rate of Internet Explorer 7 – 9 running under the Windows XP, Vista and 7 operating systems.

The feature sets seen in that attack have also resulted in a new harvest of threats, which regularly pop their heads over the threats newswire parapets every few months or so. The problem these threats pose is that the actual patching process takes time, as the software vendors – despite user criticism – really do need to check and verify those patches. HTML5, for example, creates its own set of problems.

Mitigating those problems is no easy task, as it is important to understand that, if users have a given Web browser client installed, it is down to the IT security department to decide on an effective strategy, such as enhancing the performance of intrusion protection systems and the like.

Recommendations

I hope that this overview and analysis of the top five threats for 2013 has piqued your interest. The field of IT security threats – and mitigating those threats – is a constantly changing landscape – meaning it is important to patch, remediate and review your existing devices, as well as applying the same processes to your ongoing defenses and defense strategies.

Understanding what devices are on your network is similar to knowing where the property lines around your home begin and end, allowing you to start building a fence. However, your fence will not keep people out if there are holes in it. In the IT world, these holes can be plugged using security patches.

Unfortunately, for many businesses, patch management is a problem – and since cybercriminals tend to exploit some of the most ubiquitous software on the market, the need to patch those applications assumes significant proportions.

As we’ve seen above, Oracle’s Java and other popular applications such as Adobe’s Flash Player are often common targets. For users of Microsoft Windows, we know they can also expect their machines to get the brunt of the cybercriminal attention.

Analyzing and deploying patches such as Microsoft’s Patch Tuesday updates can be a tedious process when carried out manually. Many small organizations rely on Microsoft’s automatic update mechanism, which, if enabled, can install critical updates with little administrator intervention.

Whilst this approach may work for smaller networks, if the number of endpoints grows - or includes non-Windows machines - the situation can quickly become unwieldy without an automated network scanning solution.

This is particularly true when it comes to dealing with updates for the army of third-party applications on your computers. It is here that vulnerability scanning technologies can help companies find risks and prioritize remediation, so that the most dangerous problems can be countered before it is too late.

Spotlight

Intentional backdoors in iOS devices uncovered

Posted on 22 July 2014.  |  A researcher has revealed that Apple has equipped its mobile iOS with several undocumented features that can be used by attackers and law enforcement to access the sensitive data contained on the devices running it.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Jul 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //