Thursday, December 24, 2009

Smartphone attacks, rogue antivirus, cloud breaches top 2010 security concerns

The rise of the Conficker worm and Heartland Payment Systems' enormous data breach were two defining security events in 2009. What's in store for 2010?

"It's going to get worse," says Patrik Runald, senior manager of security and research at Websense, who argues there has not yet been a year when things got better in terms of security and the wider Internet. Criminals have been mastering botnets, phishing scams and fake antivirus software sales, and 2010 will bring new waves of attacks that exploit fresh targets. Specifically, smartphones such as the Apple iPhone and those based on Google's Android operating system will be in attackers' line of sight for 2010, Runald says.

Read More

Thursday, December 03, 2009

Clientless SSL VPN products break web browser domain-based security models

Clientless SSL VPN products from multiple vendors like Cisco ,Juniper and others operate in a way that breaks fundamental browser security mechanisms. An attacker could use these devices to bypass authentication or conduct other web-based attacks.

Read More