Get prepared for continued exploitation by cyber-criminals, spammers and a new wave of amateur hackers in 2011. Here are the most serious security threats you should be aware of for the upcoming year.
1. Upgrade Your Patches Now!
The biggest threat in 2011 will not come from the bad guys, but will continue to be poor patch management, according to Randy Abrams, director of Technical Education at Eset LLC (San Diego).
"People are not upgrading their programs with the latest patches," said Abrams. "Even amateurs today can download a cyber-attack software kit that exploits multiple known vulnerabilities, most of which have been patched, but still work against millions of computers whose software has not been upgraded."
2. Malware to Exceed 50 Million
Computer viruses, worms, Trojan horses, spyware, rootkits and all types of malware will flourish, but botnets will likely be the biggest problem, since they perform coordinated attacks. "We expect that the number of unique known malicious software samples to be in excess of 50 million by the end of 2011," said Abrams.
3. Social Media Fleecing the Naive
Social networks will continue to exploit the unwary, according to Abrams. E-mail will continue to spread malicious URLs, as will Twitter and Facebook posts. "It’s all about tricking the victim into clicking on something that is going to be bad," said Abrams. "Bad" usually means turning the user's computer into a "zombie" that then does the bad guy's bidding.
4. Mobile Android Targeted by Cyber-criminals
Smartphones mark a new frontier for cyber-criminals. "Mobile handsets are becoming ubiquitous, and they are being used for e-commerce as well—the perfect combination for a cyber-criminal," said Abrams "And unlike the iPhone, Android OS phones can download software from anywhere, making them vulnerable to Trojan horses that can access your GPS, the Internet [and] your contact list, [and] can dial your phone and send text messages."
5. Worm Attacking Iran Will Strike Again
The Stuxnet worm that attacked Iran's centrifuges did so by using stolen digital certificates, which allowed the downloaded software to run on its Windows-based host. "In 2011, we are going to see an expansion of the use of stolen certificates in order to make malicious software run on Windows-based industrial systems," said Abrams.
6. Firesheep Sidejacks Proliferate
In 2011, amateur hackers will increasingly use sidejacking—the stealing of active cookies to allow malicious users to hijack a user's session. "It used to take some skill to perform a hijack," said Abrams. "But now you can just download the Firesheep plug-in for Firefox to hijack Facebook, Twitter and other user sessions over WiFi by reading the log-in information in their cookies." via: Gooptech
terrific....!!!thanks shazi...!!
ReplyDelete