Penetration Testing mailing list archives
Re: Evolution of security threats and exploits...
From: Todd Haverkos <infosec () haverkos com>
Date: Wed, 08 Dec 2010 09:18:18 -0600
cribbar <crib.bar () hotmail co uk> writes:
Could I ask, from the perspective of an internal systems administrator, the so called “good guy”, do you hackers / pen testers see any major trends in the IT security industry that people with malicious intent are now targeting or exploiting these days, as opposed to say, 5 years ago? Has any of the main focus of primary attack shifted in the last few years?
Seems like client-side attacks have been quite on the rise recently. Web exploit packs and crimeware to enable drive by exploitation of unpatched web browsers and plugins seem to be quite the rage. This is now over a year old, but activity on this front certainly continues http://blog.avast.com/2009/08/12/exploit-pack-as-the-way-to-infect/ Web applications, of course remain under constant attack, but that's been true for the past 5 years. -- Todd Haverkos, LPT MsCompE http://haverkos.com/ ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Evolution of security threats and exploits... cribbar (Dec 01)
- RE: Evolution of security threats and exploits... Jarret Raim (Dec 01)
- Re: Evolution of security threats and exploits... Dan Crowley (Dec 01)
- Re: Evolution of security threats and exploits... Shain Singh (Dec 01)
- Re: Evolution of security threats and exploits... Todd Haverkos (Dec 10)
- Re: Evolution of security threats and exploits... cribbar (Dec 11)
- <Possible follow-ups>
- Fwd: Evolution of security threats and exploits... Ryan Sears (Dec 01)
- Re: Evolution of security threats and exploits... Haroon Meer (Dec 01)