SANS issues vulnerability top 20

Posted by   Virus Bulletin on   Nov 29, 2007

Annual study of security risks finds software and humans present dangers.

The SANS Institute has released its annual survey of vulnerabilities putting computer systems and networks at risk, finding increasing threat levels in server and client side software as well as a growing trend of risks emerging from human nature rather than programming flaws.

The study discusses problems with browsers, email clients, office software and media players on the client side, and web applications, services offered by the operating system, databases and backup systems on servers, as well as highlighting an increased emphasis on exploitation of flaws in security software. At a more human level, inappropriate use and configuration of software as well as the dangers of social engineering are analysed.

A summary of the findings, including free links to check for vulnerabilities and measure web attack levels, is at SANS here, with full details of the study here

Posted on 29 November 2007 by Virus Bulletin

twitter.png
fb.png
linkedin.png
googleplus.png
reddit.png

 

Latest posts:

Throwback Thursday: Holding the Bady

In 2001, ‘Code Red’ caused White House administrators to change the IP address of the official White House website, and even penetrated Microsoft’s own IIS servers.

Paper: The Journey of Evasion Enters Behavioural Phase

A new paper by FireEye researcher Ankit Anubhav provides an overview of evasion techniques applied by recently discovered malware.

Guest blog: Espionage toolkit uncovered targeting Central and Eastern Europe

Recently, ESET researchers uncovered a new espionage toolkit targeting targeting Central and Eastern Europe. They provide some details in a guest post.

Avast acquires AVG for $1.3bn

Anti-virus vendor Avast has announced the acquisition of its rival AVG for 1.3 billion US dollars.

Throwback Thursday: You Are the Weakest Link, Goodbye!

Passwords have long been a weak point in the security chain, despite efforts to encourage users to pick strong ones. 13 years ago, Martin Overton wrote an article highlighting the weakness and explaining why it is the human element that presents the…