Application layer technology can be expensive and hard to implement, however:
…finds it appalling that 97 percent of organizations are still using packet filters as their firewalls when the threat vector switched five years ago to the application layer. "So essentially everybody is out there today living in the Web 2.0 world using Web 1.0 risk mitigation,
Better protect your content!
virtually everyone out there is simply turning on RSS feeds into their browser to get news in real time, we'll say, yet nobody's considering the consequence of ActiveX or JavaScript being injected into the RSS feed.
Hopefully products that address these issues are inexpensive and easy to implement:
...products that address this issue and provide security with real-time scanning or real-time content inspection. The technology can inspect the code in the wire just before it is about to appear in a browser
Here's a real world example. Read the full article to see more.
When the Trojan is trying to get its command, let's say at midnight, it will connect to a blog service that no one has blocked because it is popular. If this Trojan collected data, it now needs to send it back out to the attacker, and it doesn't need to communicate with the attacker directly. It can be posted as content on the Web 2.0 site-in my MySpace profile or in a blog-and the hacker will connect to the blog, grab the data and then delete that from the blog. So Web 2.0 becomes a hosting platform that the hacker can use to either send commands to the Trojan or get the content out,"
No comments:
Post a Comment
Comments on this blog are moderated and we do not accept comments that have links to other websites.