Online criminals rethink attack vectors

[Steve]

Remember when the OS was the primary target of malicious attacks? That's changed now. Media players and other software are now attracting the attention of cyber criminals.

Attackers are changing their targets after Internet service providers and operating systems designers such as Microsoft started shoring up their systems following a barrage of worms, viruses and other online threats in recent years.

The group's "SANS Top20" report identifies the 20 most targeted software flaws that criminals use to infiltrate computers.

Top Windows vulnerabilities include Microsoft Corp.'s Internet Explorer Web browser and Windows Office and Outlook Express. The report also listed Apple Computer Inc.'s Macintosh operating system as a top vulnerability among Unix operating systems.

[Reuters]

[TheAnimus]

PHP Worms and firefox, main two things i disagree on. Firefox is probably the single most widely used cross platform client tool. People need to realise that puts it at extream risk. With PHP worms they're generally targetting one product, admitadly google can provide a nice directory of everyone who uses it, which might improve the spread. But the sheer number of idoits who use firefox with no understanding of security (the same who blindly premote OS's with know technical knowledge, because its "cool").

Security with programs is like security with homes. Putting that clever alaram system in your home only serves purpose if your neighbours don't have one, that way they get burgled not you. Same goes with program security (enless you have mass hatread) people will target common applications.