Top Five Vulnerabilities Attackers Use Against Browsers

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7
Next Top Five Vulnerabilities Attackers Use Against Browsers-4 Next

Advanced persistent threats

Advanced persistent threats (APTs) have gotten a lot of press in the last few years (ever hear of Stuxnet?). This type of attack quietly installs malicious code on an endpoint and then steals data (keystrokes, screen shots, browser activity) or even modifies what the user sees in their browser, sometimes going undetected for years. These attacks use myriad methods to get installed, many not related to the browser – for example, via an infected thumb drive or a hostile email attachment. But since so many sensitive interactions occur via the browser, most of these types of attacks put a high priority on stealing data from the browser.

Ways to avoid: Install a good antivirus product, and just use common sense – don't pick up random thumb drives, open suspicious email attachments, or visit porn sites on your work computer. Don't take a laptop to defcon.

Web browsers are the primary target for many attackers these days, because so much sensitive data passes through them. From casual shopping to enterprise management systems to military operations, browsers have become the primary vehicle people use to access network-connected systems. Unfortunately, browsers have a long and storied history of vulnerabilities that have provided attackers with a lucrative and near-endless supply of victims upon which to prey. Quarri Technologies, Inc., a Web information security software company, has identified some of the top vulnerabilities attackers use against browsers.

Note: This slideshow is focused on browser vulnerabilities, not website vulnerabilities (SQL injection attacks, XSS, XSRF, et al). The distinction is subtle but important.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

Privacy rollback Security Pros Give Their Opinions on ISP Data Privacy Rollback

IT staff, organization leaders, and the average citizen have all expressed levels of concern over the FCC about-face in regard to ISP privacy. Here’s what the security experts say. ...  More >>

IT security skills 7 Top Skills for Security Pros

Executives at several top tech firms outline the skills they need now and in the near future, including IaaS and IoT security expertise. Other skills listed may surprise you. ...  More >>

IT security careers The Most In-Demand Security Jobs and How to Get Them

Security professionals are in demand right now, and entry-level security jobs generally fall into either an engineer or analyst role. Find out more about required skills and career paths. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.