Friday, January 21, 2005

Application Vulnerabilities Are Not New

This morning I read the new @RISK: The Consensus Security Alert from SANS and friends. It begins with this comment:

"Prediction: This is the year you will see application level attacks mature and proliferate. As hackers focus more on applications, Oracle may start competing with Microsoft as the vendor delivering software with the most critical vulnerabilities."

I hear this focus on "applications" constantly, but this is old news. First look at the problem by separating the operating system (OS) kernel from the OS applications. If we look at vulnerabilities in this respect, "applications" have been under attack for decades. Perusing the CERT Advisories list (transitioned to the US-CERT's Technical Cyber Security Alerts in 2004), we see warnings about application vulnerabilities since 1988. For example, in December 1988 we have CA-1988-01: ftpd Vulnerability.

You might say that my separation of OS kernel and OS applications doesn't capture the spirit of SANS' "prediction." You might think that their new warning means we should focus on applications that don't ship with the "OS." In other words, look at widely deployed applications that aren't bundled with an OS installation CD. Using that criterion, "application attacks" are still old news. Check out this July 2001 advisory, CA-2001-16: Oracle 8i contains buffer overflow in TNS listener. That was followed a month later by CA-2001-24: Vulnerability in OpenView and NetView and three months later by CA-2001-29: Oracle9iAS Web Cache vulnerable to buffer overflow.

Maybe my background as a history major is at work here, but I think "hackers" have been attacking applications for years.

4 comments:

Anonymous said...

Hi Richard,

My comments are at http://www.emergentchaos.com/archives/000840.html

Does blogger support trackback yet? :)

Anonymous said...

Like in the previous comment, I think you miss the point concerning SANS' prediction about application level attacks. IMHO what SANS states here is that application level attacks will develop much more this year and be much more used. I think it's clear for everybody that this type of attack has existed for years.

Richard Bejtlich said...

Thanks as always for reading and commenting. However, just because the public is waking up to the realities of intrusions doesn't mean anything new is happening. Five years ago three citizens of Kazakhstan were arrested for allegedly breaking into Bloomberg L.P.'s ("Bloomberg") computer system in Manhattan in an attempt to extort money from Bloomberg. Four years ago SANS itself partnered with the FBI to warn of Eastern European organized crime that had "stolen credit card and other data from at least 40 domestic e-commerce and e-banking sites." Three years ago I performed an incident response involving $10 million in fraudulent product orders gained via application attacks. These sorts of attacks and their motivations "matured" years ago.

Richard Bejtlich said...

I forgot to mention that the Romanian organized crime incident response I did in 2002 was the end of an intrusion that started in 1999 -- six years ago. The intruder took advantage of an application vulnerability and proceeded to cash in on his exploitation of the victim company.