(Linkleri Üyelerimiz Görebilir. UslanmaM Üyeliği İçin Tıklayın) - Though Internet-crippling virus attacks now seem to be a thing of the past PC users didn't feel a lot more secure in 2006. That's because online attacks have become more sneaky and professional as a new breed of financially motivated cybercriminals has emerged as enemy No. 1. Microsoft:-)aaaaaed more bugs than ever and whole new classes of flaws were discovered in kernel-level drivers office suites and on widely used Web sites. Vendors' chatter about security is at an all-time high but the bad guys are still finding lots of places to attack.
And oh yes spam is back.
Following are five of the top computer security stories in 2006.
Cybercrime dividends
Hackers teamed with:-)Linkleri Üyelerimiz Görebilir. UslanmaM Üyeliği İçin Tıklayın:-)in increasingly sophisticated computer crime operations aimed purely for profit. Much of the trouble centered on phishing a type of attack where fake Web pages are constructed to harvest log-in details credit card numbers or other personal information. Credit card numbers are often sold online to others for illicit gain.
In May 20000:-)Linkleri Üyelerimiz Görebilir. UslanmaM Üyeliği İçin Tıklayın:-)were reported a 34 percent increase over the previous year according to U.S. Department of Justice report. The U.S. hosts the largest percentage of phishing sites it said.
But law enforcement agencies are getting more organized and cooperating better particularly in international investigations. At least 45 countries participate in the G8 24/7 High Tech Crime Network which requires nations to have a contact available 24 hours a day to aid in quickly securing electronic evidence for trans-border cybercrime investigations.
The private sector has also helped. Microsoft filed dozens of civil suits and gave information to law enforcement for criminal cases in Europe the Middle East and the United States against alleged phishers throughout 2006.
It's a brand new 0day
With automatic software updates now the norm hackers have been forced to look a little harder for ways to put their malicious software on unsuspecting victims' PCs. In 2006 they turned to zero-day attacks as never before.
These attacks take advantage of previously unreported flaws in software and in 2006 they became a top concern according to the SANS Institute. In fact hackers kicked off the new year in 2006 by releasing zero-day attack code based on a flaw in the way Internet Explorer handled WMF (Windows aaaa File) documents.
This was followed later in the year by a rash of very targeted online attacks that exploited unaaaaaed flaws in Microsoft's Office software. In fact Microsoft:-)Linkleri Üyelerimiz Görebilir. UslanmaM Üyeliği İçin Tıklayın:-)-- this one targeting a flaw in Word -- just this Tuesday.
To underline the scope of the zero-day problem security researchers launched widely publicized "Month of Kernel Bugs" and "Month of Browser Bugs" projects during which they exposed a new unaaaaaed vulnerability in browsers and operating systems every day for a month.
Spam avalanche
Microsoft's Chief Software Architect Bill Gates predicted two years ago that spam would be gone by 2006. He should check his in-box.
Linkleri Üyelerimiz Görebilir. UslanmaM Üyeliği İçin Tıklayın:-)nagged IT administrators throughout 2006. Up to 90 percent of all e-mail was spam depending on the vendor recording the statistics. Spammers found creative ways to circumvent security software. Image-based spam where individual messages appear to be unique by subtracting or adding pixels foiled some security techniques.
Spammers also put messages in the images themselves a tougher challenge to stop since it requires processor-intensive optical character recognition (OCR) techniques. Spam remained the delivery vehicle for other malicious software such as aaastroke loggers and rootkits in addition to promoting links to phishing sites which often aim to steal financial data or log-in credentials.
Web 2.0 gets Hacked 1.0
MySpace.com may be a poster child for Web 2.0 but from a security perspective it hasn't been looking so pretty. That's because the popular:-)Linkleri Üyelerimiz Görebilir. UslanmaM Üyeliği İçin Tıklayın:-)this week by a password-stealing worm that exploited a scripting vulnerability on the Web site. And this was not even the first worm to hit MySpace. In October another more benign worm called Samy automatically added a Los Angeles teenager's name to visitors profiles quickly making him appear to be the most popular member of the MySpace community.
Security experts say that the kind of cross-site scripting attack used in the recent MySpace worm has become much more prevalent in the past year as hackers have discovered just how much can be done with these attacks. These bugs can be used to do far more harm than many people realize security experts say including forcing PCs to download illegal :-):-):-):-):-):-):-) hack other Web sites or send e-mail.
Vista lockout irks vendors
Microsoft:-)Linkleri Üyelerimiz Görebilir. UslanmaM Üyeliği İçin Tıklayın:-)by saying it wouldn't allow their software to access the kernel of the 64-bit version of Windows Vista. aaaaa Guard Microsoft's kernel security technology blocks access to prevent unauthorized modifications by malicious software.
Vendors led by Symantec and:-)Linkleri Üyelerimiz Görebilir. UslanmaM Üyeliği İçin Tıklayın:-)they needed access to the kernel to detect malicious software such as rootkits which burrow deep into the OS. After a flurry of public statements and pressure from the European Commission Microsoft agreed to make APIs (application programming interfaces) available.
The APIs will allow host intrusion prevention technologies used by vendors to function without hooking the kernel. But Microsoft said the APIs wouldn't be ready until the release of Service Pack 1 for Vista.


Linkleri Üyelerimiz Görebilir. UslanmaM Üyeliği İçin Tıklayın