CoreTrace WhiteSpace

The Application Whitelisting and Security Weblog

My Top Five Blogs of 2010: Stuxnet, McIntel, Whitelisting & More…

Looking back, 2010 was a breakout year for application whitelisting. Once considered an alternative anti-malware solution, it is now at the center of a shift towards a modern antivirus approach in which application whitelisting is the primary mechanism for preventing the execution of malicious applications, with traditional antivirus solutions playing a more reactive, cleanup role.

Unfortunately, the year also brought a number of security challenges that have permanently changed the threat landscape. The year was highlighted by several new, high-profile targeted attacks that included the game-changing Stuxnet worm. But through it all, application whitelisting stopped portions of all these targeted attacks, no matter how new or sophisticated they were. Below, I’ve compiled a list of CoreTrace’s Top 5 blogs for 2010:


CoreTrace 2011 security predictions: More blended malware threats across new platforms

As technology evolves, so do cyber attacks and the security tools we use to protect our systems. With 2011 quickly approaching, I want to share my predictions for next year’s top security challenges. The five themes I’ve included are based on emerging security trends we’ve seen in 2010. I believe the following areas could have a significant impact on the security market in 2011 (for the full list, please read the article here):

  1. Blended threats will become the norm; Stuxnet clones will be rampant, but the real threats will be far more dangerous and sophisticated: My concern is that Stuxnet was far too public and easily discovered. While Stuxnet clones will have a profound impact on the security industry, these threats may be the tip of the iceberg for real threats that are far more powerful and dangerous.


Survey finds Trojan-based attacks biggest threat to online banking

A survey released this week found that more than 50% of financial services professionals consider banking Trojans such as Zeus to be the greatest threat to online banking today. Typically aimed at stripping business accounts of assets, the malware attacks steal from legitimate accounts and transfer funds to fraudsters’ own accounts or money mules.

69% of respondents said their organizations have seen an increase in Zeus-style attacks against customer accounts over the past year. The report noted that these types of attacks hit the online banking services that 1 in 3 respondents said are either “extremely” or “very” vulnerable to attacks: online Automated Clearing House (ACH) and wire transfers.


Top Endpoint Security Stories for November 2010 — If malware is a top security concern, then why does it take so long to fix known vulnerabilities?

In a world where cyber criminals are working around the clock, it’s interesting how long it can take publicly known vulnerabilities to get fixed. That question was (sort of) answered in November. Other industry surveys in November brought to light the impact identity theft is having on healthcare organizations, and the biggest IT security concerns for small businesses. Here are some of the top endpoint stories for November 2010.


A clean sweep: Bouncer helps defeat all of SC Magazine’s “Top 5 Threats” of 2010

December is a time for lists. There are holiday wish lists, year-in-review lists, and so on.

This week, SC Magazine published its list of top security topics and stories for 2010. Among the various lists the staff compiled for the article, “IT security: The year in lists,” was the year’s “Top Five Threats”. What’s interesting is that this particular list is a mirror image of what we’ve been blogging about all year — and that all five are threats that CoreTrace’s Bouncer application whitelisting solution helps thwart.

Starting in January, we’ve written specific blogs on four of the top five threats mentioned. And the one that we haven’t blogged on, we know Bouncer can help defeat. Here is the recap:
