Posts Tagged Security
Hackers are coming up with more and more ways to gain control over information on the internet. There are dozens of reasons for hackers to do what they do, but here is a list of how they do it, and how to prevent them.
1. Cross-site scripting (XSS)
XSS is the most commonly exploited security vulnerability in web applications. The weakness arises when an application does not validate or encode user data before the information is sent to a web browser. Hackers get malicious script to run in a user's browser and use it to gain access to user sessions and web sites, conduct phishing, and/or release malware.
The use of polymorphic malware by cyber criminals is on the rise. A recently cited report from Symantec regarding this trend stems from some of these exploding statistics. Malware of this type is known as polymorphic because it constantly changes in nature, making the detection and removal of infections a very difficult task. Such malware retains its function as it evolves, but the code itself changes various characteristics and methods, such as filenames, encryption, compression techniques, and signatures, among others.
In a world of viruses, malware, and hackers, information security is a big deal. No single method of IT security can ensure protection of mission-critical data. In the enterprise IT environment, layering multiple tactics and security processes can help close all of the gaps. A visual look at a data center provides us with the 8 levels of information technology security, which work together to form a tight-knit and (hopefully) impenetrable web of safeness.
Every time I talk to Art Coviello, President of RSA, I get depressed, scared and hopeful. I received a memo today from RSA which was Art’s year-end review and 2010 look ahead. Here are some excerpts.
From the Desk of Art Coviello
Subject: Security in 2009 and a look ahead