Attack of the cyber toxins

Discussion in 'other anti-malware software' started by Chuck57, Mar 26, 2007.

Thread Status:
Not open for further replies.
  1. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    Not sure where this belongs, but it's pretty interesting

    http://www.misweb.com/magarticle.asp?doc_id=26138&rgid=5&listed_months=0

    Hackers have cured the problem of pesky firewalls, and created a whole new monster.


    Security used to mean buying a firewall, regularly patching your operating systems and installing some anti-virus software on your storage server or workstations.

    With AV and a firewall at your service and working in tandem, internet users outside your enterprise could connect to the appropriate IP ports on your web and email servers, while your workstations were shielded by the firewall from the outside world. Happy days, indeed.

    Today, the threat has been turned on its head. Application-level security vulnerabilities in client-side software like Internet Explorer, Word and PowerPoint mean that workstations are the new target of choice for hackers. Attacking enterprise servers directly has become so 2001.

    Now, there is more bad news. Your firewall can't really protect you against client-side attacks, and neither will traditional AV applications. "When you talk about something like a client-side attack ... you can send it through email and your perimeter firewall isn't going to be able to prevent that attack," says Marc Maiffret, co-founder and chief hacking officer of eEye Digital Security in the United States. Client-side attacks rely on malicious software being executed on a workstation by the user, usually through clever technical know-how. How that malicious software is executed doesn't matter. What is important is that once it's executed, there's very little you can do to stop it connecting back to its creator.

    (more)
     
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,046
    Location:
    The Netherlands
    Yeah, this is nothing new of course, I guess that´s why so much people included myself are so paranoid nowadays, malware attacks are much more advanced nowadays. That´s why we´re all using HIPS and Sandboxes and stuff. Of course common sense is also needed. But I really wonder if my security tools would protect me against for example a malicous Office document. To tell you the truth, I haven´t got a clue. :rolleyes:
     
Loading...
Thread Status:
Not open for further replies.