[ISN] SANS Institute updates list of 'Top 20 Internet Security Vulnerabilities'

InfoSec News isn at c4i.org
Tue May 2 04:43:45 EDT 2006


http://www.networkworld.com/news/2006/050106-sans-top-20.html

By Ellen Messmer
NetworkWorld.com
05/01/06

SANS Institute Monday updated its list of "Top 20" vulnerabilities
discovered in products or types of exploits and attacks that threaten
users on the Internet.

The SANS "Spring Update" of its Top 20 Internet Security
Vulnerabilities cites a growth in critical vulnerabilities discovered
in the Mac OS/X operating systems, as well as vulnerabilities
associated with the Mozilla Firefox open-source Web browsers that had
to be patched.

Rohit Dhamankar, editor of the SANS Top 20 and manager of security
research at 3Com's TippingPoint division, said the good news is that
software patches for the Mozilla Firefox open-source browsers are
usually more quickly issued compared with Microsoft's patch process
for its Internet Explorer.

"The [Mozilla Firefox] patches arrive much faster, typically within a
week," said Dhamankar, adding that Microsoft generally waits for its
scheduled second Tuesday of the month to issue software patches. He
added that so many zero-day exploits have been discovered recently in
association with Microsoft Explorer, the browser's name should be
changed to "Internet Exploiter."

Other trends cited by SANS Institute include SQL injection
vulnerabilities and attacks against databases, as well as the
"scourge" of successful "spear phishing" attacks, especially against
U.S. defense and nuclear-energy sites.

In spear phishing, an attacker sends e-mail pretending to be a trusted
source to a targeted victim who turns over sensitive information to
the attacker.

While SANS Director of Research Alan Paller declined to reveal the
names of specific agencies that had been the target of spear phishing,
this type of attack has caused so much concern in the U.S. government,
he said, that there's been a new word coined for such an attack:  
"exfiltration."

A play on the word "infiltration," the word "exfiltration" is "being
used a lot around Washington these days," because of a number of
successful spear-phishing attacks, says Paller.





More information about the ISN mailing list