funsec mailing list archives
Re: threats abound for 2010 what shall we do, oh my!
From: Matt Watchinski <mwatchinski () sourcefire com>
Date: Wed, 30 Dec 2009 20:40:21 -0500
I'll play on all fronts, predictions, left-baiting, and proactive measures.

Additional predictions

1. Don't leave Apple off the Adobe train.
2. Critical Infrastructure as a political weapon will result in mass hilarity and security theater. I'll go as far as saying fark will need a new Florida tag for articles on this topic.
3. SmartPhones become a viable target for criminals.

Mitigation efforts

1. Re-think your soft spots. Microsoft won't be your major pain in 2010, it's going to be the other 3rd party apps that everyone runs in your organization. If you don't have a good strategy for patching / updating these other apps in your organization, it's time to find one.
2. Find tools and new solutions for the Social networking problems. No current security solution does a ton of inspection of this type of traffic, however, there are a lot of tools that can identify Facebook app usage, attempt to block some of it, and understand some other Web 2.0 widgets. Start off simple, just identifying these types of applications and their usage on your network, then move on to actually doing something with it. Simple tools like snort or tcpdump can get this type of data.
3. Lay traps. If your organization has a security team and all they do is sit around and watch the IDS logs / AV logs / and clean-up infected machines, then they are being lazy. One of the great things you can do is lay traps, especially if you know something about your network. If you know that everyone uses Internet Exploder then write something that looks for User-Agent strings that aren't IE, put something on the email server that counts the number of PDF files you receive every day, average it, and go looking when it changes.

Left-Baiting and Right-Baiting

1. Mandatory Certification for Network Security is the most laughable thing I've heard in a long time. If this comes to pass I'm joining the money train associated with it, with Exam prep books, learning software, and other ways to pass it and not learn anything.
2. One more prediction to add to the baiting, not 100% network security related. Deployment of full body scanners at Airports will result in the best celebrity photos leaked to your favorite trash magazine in the grocery store.

Cheers,
-matt

On Wed, Dec 30, 2009 at 4:07 PM, Tomas L. Byrnes <tomb () byrneit net> wrote:

What, the left-baiting I just engaged in wasn’t fun ;-)

I’d add that it’s the year Network Security becomes a regulated profession, so certification becomes mandatory.

*From:* funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] *On Behalf Of *RandallM
*Sent:* Wednesday, December 30, 2009 12:25 PM
*To:* funsec
*Subject:* [funsec] threats abound for 2010 what shall we do, oh my!

Let's have some fun-sec FUN:

McAfee put out top predictions for 2010. Based on these, are any you can add, what mitigation efforts or proactive measures can individuals and companies do?

• Social networking sites such as Facebook will face more sophisticated threats as the number of users grows.
• The explosion of applications on Facebook and other services will be an ideal vector for cybercriminals, who will take advantage of friends trusting friends to click links they might otherwise treat cautiously.
• HTML 5 will blur the line between desktop and online applications. This, along with the release of Google Chrome OS, will create another opportunity for malware writers to prey on users.
• Email attachments have delivered malware for years, yet the increasing number of attacks targeted at corporations, journalists, and individual users often fool them into downloading Trojans and other malware.
• Cybercriminals have long picked on Microsoft products due to their popularity. In 2010, we anticipate Adobe software, especially Acrobat Reader and Flash, will take the top spot.
• Banking Trojans will become more clever, sometimes interrupting a legitimate transaction to make an unauthorized withdrawal.
• Botnets are the leading infrastructure for cybercriminals, used for actions from spamming to identity theft. Recent successes in shutting down botnets will force their controllers to switch to alternate, less vulnerable methods of command, including peer-to-peer setups.
• In spite of the worldwide scope of botnets, we anticipate even more successes in the fight against all forms of cybercrime in 2010.

--
been great, thanks
RandyM
a.k.a System

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
--
Matthew Watchinski
Sr. Director Vulnerability Research Team (VRT)
Sourcefire, Inc.
Office: 410-423-1928
http://vrt-sourcefire.blogspot.com && http://www.snort.org/vrt/
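
The two traps from item 3 of the mitigation list above, sketched as an added example that is not part of the original post: one pass over proxy logs for User-Agent strings that are not IE, and a trailing-average check on the daily count of inbound PDF attachments. The log layout, addresses, counts and thresholds are constructed assumptions.

```python
import re
from statistics import mean, pstdev

# Constructed proxy log lines (combined log format); hosts and agents are made up.
PROXY_LOG = '''\
10.0.0.11 - - [04/Jan/2010:09:01:12 -0500] "GET http://intranet/ HTTP/1.1" 200 512 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1)"
10.0.0.12 - - [04/Jan/2010:09:01:40 -0500] "GET http://example.com/ HTTP/1.1" 200 900 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
10.0.0.37 - - [04/Jan/2010:09:02:03 -0500] "POST http://example.net/gate HTTP/1.1" 200 12 "-" "Mozilla/5.0"
10.0.0.37 - - [04/Jan/2010:09:07:03 -0500] "POST http://example.net/gate HTTP/1.1" 200 12 "-" "Mozilla/5.0"
10.0.0.52 - - [04/Jan/2010:09:03:30 -0500] "GET http://example.org/u HTTP/1.1" 200 77 "-" "-"
'''

LINE_RE = re.compile(r'^(\S+) .* "([^"]*)"$')  # client IP, last quoted field (User-Agent)
IE_RE = re.compile(r'\bMSIE \d')

def non_ie_clients(log_text):
    """Map client IP -> {user_agent: hits} for requests whose User-Agent is not IE."""
    hits = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not fit the assumed layout
        ip, ua = m.groups()
        if not IE_RE.search(ua):
            per_ip = hits.setdefault(ip, {})
            per_ip[ua] = per_ip.get(ua, 0) + 1
    return hits

# Constructed daily counts of inbound PDF attachments, oldest first.
PDF_PER_DAY = [41, 38, 45, 40, 43, 39, 44, 118]

def pdf_count_alerts(counts, window=7, sigmas=3.0, min_delta=10):
    """Return (day_index, count, baseline_avg) for days far from the trailing average."""
    alerts = []
    for i in range(window, len(counts)):
        base = counts[i - window:i]
        avg, sd = mean(base), pstdev(base)
        # min_delta stops a very flat baseline (sd near 0) from alerting on small changes.
        if abs(counts[i] - avg) > max(sigmas * sd, min_delta):
            alerts.append((i, counts[i], round(avg, 1)))
    return alerts

if __name__ == "__main__":
    print(non_ie_clients(PROXY_LOG))
    print(pdf_count_alerts(PDF_PER_DAY))
```

The PDF check alerts on drops as well as spikes, since the post says to go looking when the count changes.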