I'll play on all fronts, predictions, left-baiting, and proactive measures.
1. Don't leave Apple off the Adobe train.
2. Critical Infrastructure as a political weapon will result in mass
hilarity and security theater. I'll go as far as saying fark will need a
new Florida tag for articles on this topic.
3. SmartPhones become a viable target for criminals.
1. Re-think your soft spots. Microsoft won't be your major pain in 2010,
its going to be the other 3rd party apps that everyone runs in your
organization. If you don't have a good strategy for patching / updating
these other apps in your organization, its time to find one.
2. Find tools and new solutions for the Social networking problems. No
current security solution does a ton of inspection of this type of traffic,
however, there are a lot of tools that can identify Facebook app usage,
attempt to block some of it, and understand some other Web 2.0 widgets.
Start off simple, just identifying these types of applications and there
usage on your network, then move onto actually doing something with it.
Simple tools like snort or tcpdump can get this type of data.
3. Lay traps, if your organization has a security team and all they do is
sit around and watch the IDS logs / AV logs / and clean-up infected
machines, then they are being lazy. One of the great things you can do is
lay traps especially if you know something about your network. If you know
that everyone uses Internet Exploder then write something that looks for
User-Agent strings that aren't IE, put something on the email server that
counts the number of PDF files you receive everyday, average it, and go
looking when it changes.
Left-Baiting and Right-Baiting
1. Mandatory Certification for Network Security is the most laughable thing
I've heard in a long time. If this comes to pass I'm joining the money
train associated with it, with Exam prep books, learning software, and other
ways to pass it and not learn anything.
2. One more prediction to add to the baiting, not 100% network security
related. Deployment of full body scanners at Airports will result in the
best celebrity photos leaked to your favorite trash magazine in the grocery
What, the left-baiting I just engaged in wasnt fun ;-)
Id add that its the year Network Security becomes a regulated profession,
so certification becomes mandatory.
Behalf Of *RandallM
*Sent:* Wednesday, December 30, 2009 12:25 PM
*Subject:* [funsec] threats abound for 2010 what shall we do, oh my!
McAfee put out top predictions for 2010. Based on these are any you can
add, what mitigation efforts or proactive measures can
individuals and company's do?
Social networking sites such as Facebook will face more sophisticated
threats as the number of
The explosion of applications on Facebook and other services will be an
ideal vector for cybercriminals,
who will take advantage of friends trusting friends to click links they
might otherwise treat cautiously.
HTML 5 will blur the line between desktop and online applications. This,
along with the release of
Google Chrome OS, will create another opportunity for malware writers to
prey on users.
Email attachments have delivered malware for years, yet the increasing
number of attacks targeted
at corporations, journalists, and individual users often fool them into
downloading Trojans and
Cybercriminals have long picked on Microsoft products due to their
popularity. In 2010, we anticipate
Adobe software, especially Acrobat Reader and Flash, will take the top spot.
Banking Trojans will become more clever, sometimes interrupting a
legitimate transaction to make an
Botnets are the leading infrastructure for cybercriminals, used for
actions from spamming to identity
theft. Recent successes in shutting down botnets will force their
controllers to switch to alternate, less
vulnerable methods of command, including peer-to-peer setups.
In spite of the worldwide scope of botnets, we anticipate even more
successes in the fight against all
forms of cybercrime in 2010.
been great, thanks
Fun and Misc security discussion for OT posts.
Note: funsec is a public and open mailing list.
Sr. Director Vulnerability Research Team (VRT)
http://vrt-sourcefire.blogspot.com && http://www.snort.org/vrt/