About  Contacts  Subscribe  Advertise  Jobs  Site map  RSS
Audio/video
 SEARCH  IT Week White papers Google

Zero-day attacks thrive in 2006

Office, VoIP and web apps among top targets

Shaun Nichols in California, vnunet.com, 16 Nov 2006
IT security
Zero-day exploits target undisclosed or recently discovered vulnerabilities

Online attackers are increasingly use zero-day flaws and targeting a wider array of applications, according to the annual Top 20 Security Attack Targets report from the Sans Institute

Zero-day exploits target undisclosed or recently discovered vulnerabilities which have yet to be patched.

The attacks are often not detected by security software, and can be much more effective in compromising systems and installing malware.

Although Microsoft's Internet Explorer is still a favourite target, attackers are increasingly switching to other applications.

The Sans Institute reported a threefold increase in the number of attacks targeting Microsoft Office in 2006.

The organisation spotted 45 vulnerabilities in Office classified as either 'serious' or 'critical', nine of which were also reported as active zero-day exploits.

Excel and PowerPoint experienced sharp increases in the number of reported vulnerabilities.

Sans attributed this in part to the prevalence of Office and the fact that the suite does not have as much security protection as programs such as web browsers.

The report also pointed to a rise in attacks against two emerging technologies: VoIP and web-based applications.

Continued on page 2 >
Permalink  Comments  Forward  Print
digg   del.icio.us   reddit!

Related content
Hacking
BulletDNS exploit haunts researcher
Local ISP attack affects BreakingPoint  31 Jul 2008
Microsoft
Hacking
BulletMicrosoft pushes out 17 security fixes
'Critical' patches for Windows, Office and Internet Explorer  13 Feb 2008
Hacking
Hacking
BulletCyber-attack launched from 10,000 web pages
Unsuspecting surfers redirected to site laden with malware  13 Mar 2008
Bugs & Fixes
BulletPatch Tuesday brings 26 fixes
Six critical patches highlight largest update in years  13 Aug 2008
Hacking and Cyber-crime
BulletPhishers target flaw on Google
Scam redirects web users to malicious malware sites  19 Mar 2008
IThound
Latest news
usb stick in keyboard
Applications
BulletNortel delivers secure access on a stick
Secure Portable Office provides virtual desktop for accessing remote applications  27 Aug 2008
Developer
BulletMozilla launches Ubiquity for user-generated mash-ups
New open-source experiment could enable non-technical users to create mash-ups  27 Aug 2008
Nokia phone
Mobile Communications
BulletNokia tops mobile sales chart
Gartner figures show mobile sales strong across the board, despite economic slowdown  27 Aug 2008
> More news
Latest in depth
facebook page
Analysis
BulletWeb 2.0 does the business
It is time for IT leaders to harness social networking tools as a means of boosting productivity  31 Jul 2008
guy kewney
News
BulletKewney: Positive feedback
Comments on the web are two-a-penny, but a response from an IT Week reader is priceless  31 Jul 2008
Hardware Reviews
BulletReview: HP moves to rival BlackBerry
The iPaq 914c is a mobile messaging device designed to work with the latest communciation and management tools  01 Aug 2008
> More in depth
Reader comments
Post your comment Post your comment   What is this?

Advertising Marketplace

Sponsored links
ADVERTISEMENT

Newsletter



IThound
Search for solutions, reports & analysis

Job zone

Job of the week
Related jobs
Search for a job
Try our Advanced search
ADVERTISEMENT
ADVERTISEMENT
Useful links: About us . Privacy policy . Terms & conditions . Site map . Bookmark this site . Advertise
Categories: Business . Business hardware . Business software . Communications . Employment & Skills . Public sector . Security . More...
Business Technology websites:
BusinessGreen Business green news, resources, blog, podcasts
Computing Business technology news, ecommerce, government, security, business podcasting
Computing Business Agenda Setters, Leadership, Boardroom, Best Practice, webinars
CRN Channel news, distributor directory, business hardware reviews
The Inquirer Technology, chips, memory, graphics, servers, hardware reviews
IT Week News for IT managers, podcast, blogs, expert comment, hardware reviews, white papers
vnunet.com Technology news, Silicon Valley Sleuth, blogs, forums, podcast, downloads
Jobs & Recruitment websites:
Accountancy Age Jobs Accountant jobs, jobs in finance, audit jobs, cima jobs, acca jobs, corporate finance jobs, management accounting jobs, finance director jobs, finance recruitment agency directory, Top 50 accountancy firms, accountant salary survey
Computing Careers IT jobs, Programmer jobs, Developer jobs, IT manager jobs, Project manager jobs, SAP jobs, Oracle Jobs, Java Jobs, IT recruitment agency directory, Top IT Employers in the UK 2007
Inquirer Jobs Software Engineer Jobs, firmware developer jobs, electronics engineer jobs
Other titles in the Incisive Media network:
Business & Finance websites: Accountancy Age . Best Practice . Financial Director . Management Consultancy
Consumer Technology websites: Active Home . Computeractive . Gizmodo . PC Magazine . PCW . WebAct!ve . What PC?
© Incisive Media Ltd. 2008
Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in the United Kingdom with company registration number 04038503