Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec

Chat and media programmes targeted in zero day malware attacks.

Finjan Software : 05 December, 2007  (Technical Article)
Finjan warns of hackers moving into popular media and chat programmes to gain access to information resources through zero-day unpatched code.
Finjan has warned companies to be aware of zero-day attacks being used by hackers targeting popular Web applications like media players and chat applications. The current attack is focusing on popular applications that are usually left unpatched or untracked by administrators for vulnerabilities. While most enterprises are scheduling Microsoft's security patches deployments, applications from other vendors are usually left unpatched and as a result are becoming as an easy target for hackers. These attacks attempt to install Trojans on end-user machines to steal valuable corporate data.

"The problem with hackers targeting these Web applications - such as media players, chat applications, as well as the latest Web 2.0 features - is that these threats are not tracked in general vulnerability reporting services. This makes the task of identifying and protecting against these types of attacks all the more difficult," said Finjan CTO Yuval Ben-Itzhak.

"Since most vulnerability reporting services tend to focus on Microsoft software, this makes the business of criminal hackers a lot easier," he said.

"As most users and enterprises fail to patch these non-Microsoft products anywhere near as frequently as Microsoft applications, the problem of open source and other non-Microsoft software security becomes more difficult to track and resolve," he added.

Against this backdrop, Ben-Itzhak advises IT managers to review non-Microsoft applications, in use by their end-users, to ensure all available patches were deployed.

"IT managers should also regularly review their security needs and ensure that their Web security technology is capable of defending company IT resources against the multi-vectored and hybrid nature of today's electronic attacks.
Adding Secure Web Gateways, utilizing real-time content inspection technologies to detect and prevent Trojans from infiltrating the network, has become an acute need in today's network environment to secure corporate data" he said.

Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo