[For the latest information on vulnerabilities, see the National Vulnerability Database, nvd.nist.gov] It seems that every week, computer security organizations are issuing press releases concerning the latest hacker attack. Some sound dangerous, like the Killer Resume, or mysterious, like the Mstream distributed denial-of-service (DOS) program, or cryptic, like the cde-dtprintinfo vulnerability. Each announcement represents a new threat that organizations must take seriously if they are to protect themselves, because even a single security hole can make an organization's networks vulnerable to a determined and persistent hacker.

The complexity and frequency of these announcements can be overwhelming to organizations, causing them to get lost in the details and to lose sight of the overall landscape of hacking events. This ITL Bulletin addresses the overall picture, trends, and solutions. First, we review the most significant computer vulnerabilities and attacks that have occurred in the past 16 months. Next, we discuss both novel and continuing hacking trends. Finally, we summarize the threats created by these new trends and techniques, and provide guidance on mitigating those threats.
Keywords
computer security; security threats; system vulnerabilities