Surviving the Week 8/10/12

Web Apps Experience 2,700+ Attacks Per Year
In a recent study, Imperva found that the average application can expect attack incidents 120 days per year or 33% of the time with some targets experiencing attacks 292 days per year or nearly 80% of the time.
http://www.net-security.org/secworld.php?id=13395

Imperva’s IPS solution is included in this WAF/IPS effectiveness study by Larry Suto, analyzed the effectiveness of WAF’s and IPS’s at blocking attacks when configured manually and when configured with automatic rules generated from DAST tools, like NTOSpider.

DDoS Attack Takes Down WikiLeaks
The controversial website which often posts proprietary information that has more than likely been uncovered without permission, was down for at least five days and had been experiencing a massive Distributed Denial of Service (DDoS) attack.
http://venturebeat.com/2012/08/08/wikileaks-ddos/

Patch Tuesday
The Patch Tuesday update will apply to four ‘important’ rated fixes and five ‘critical’ bulletins which will address remote code execution vulnerabilities in Windows, Office and Internet Explorer.
http://www.zdnet.com/patch-tuesday-microsoft-to-fix-five-critical-security-flaws-7000002462/

Lessons Learned from Apple iCloud Hack
This was a great story from Wired reporter, Mat Honan. His entire digital life dissolved before his eyes because Lulszec liked his Twitter handle @mat and wanted to make a statement. They gained entry into his iCloud account, used it to remote wipe all of his devices and achieve access into his other accounts. At least they told him how they did it. Here are some things to keep in mind to minimize damage if a similar incident ever happens to you.
http://securitywatch.pcmag.com/none/301183-lessons-learned-from-apple-icloud-hack

Future HTML5 and Security
This week multiple reports came out on which technologies will have longevity. The analysis concludes that HTML5 is here to stay. In fact, most people see that instead of building applications on different mobile platforms, companies prefer to create HTML5 applications so that one client can serve all mobile devices as well as browser users. Last week, @Shreeraj of BlueInfy presented at BlackHat about security issues in HTML5. Click here to view @Shreeraj’s HTML5 presentation.
http://www.zdnet.com/forrester-bump-the-html5-effort-this-isnt-2011-anymore-7000002320/

 

 

About Dan Kuykendall 173 Articles
Connect with Dan on Google+

Be the first to comment

Leave a Reply

Your email address will not be published.


*