Last month I kicked off a post focusing on the top endpoint security stories in the past month. This month brought a number of endpoint security events ranging from the latest Microsoft zero-day vulnerabilities without a fix to botnet and phishing news. The theme of the month is that both individuals and corporations are simply losing the battle against online criminals when it comes to desktop security.
- Sept 1, 2009 – IIS FTP flaw announced with exploit code
Microsoft kicked off the month by confirming the publication of exploit code for the IIS FTP vulnerability that could allow remote code execution on affected systems. The vulnerability affected systems running the IIS web server and was particular dangerous to FTP servers that had anonymous accounts for uploads. Continue reading this post…
Anti-virus simply isn’t effective anymore at providing desktop security. We have posted on this topic quite a bit recently, but it seems to have an endless supply of new information and postings that support the growing trend away from reactive, signature dependent anti-virus.
Consider the recent post from long-time industry expert, Robin Bloor, titled The Beginning of the End For AntiVirus. Robin has been a long time advocate of moving away from a clearly broken anti-virus technology and moving toward a more proactive solution that can solve the problem of zero day threats and root kits. He had this to say about the growth of whitelisting and the fall of AV in his article: Continue reading this post…
I am kicking off a monthly blog post that will wrap up some of the previous month’s top stories in endpoint security. This idea originally occurred to me when I thought about the life of an IT/security professional today. Teams that are not using application whitelisting need to respond to every single attack and vulnerability uniquely. This is the proverbial case of treating the symptoms instead of the disease. This monthly post will highlight many of the major “symptoms” that teams are struggling to deal with. Our take: deal with the disease.
Last month featured a number of interesting, if troubling stories, ranging from the largest credit card theft indictment in history, to using Twitter to control botnets. So without further ado, here are a selection of some of the top endpoint security stories for August 2009: Continue reading this post…
I came across this post from John Pescatore today on his Gartner blog titled, “Twelve Word Tuesday: I’d Start Over Again on Desktop Security”, and I couldn’t agree more. The evidence of the failure of blacklisting anti-virus can be found everywhere.
John, makes a reference to the Government’s Cash for Clunkers program and I think the analogy is an appropriate one. There are many desktop security companies that are heavily invested in the way things are today. Their recurring revenue model is based on subscriptions to a bloated blacklist. Their security solutions work on a find and clean model and not a preventative model. The likelihood that they will “start over” on security is slim to none and more likely they will keep trying to add a fresh coat of paint, change the tires and oil and patch things together with new additions. The problem is the engine is broken and won’t last much longer. Continue reading this post…
There have been many cases of social networks overlapping security software this year. Whether they are using Twitter or Facebook for botnet control or propagating phishing links through shortened URLs, online criminals are finding ways to tap into the explosive growth of social networks and use that to exploit end users and their devices.