Security Response

Given the increase of malicious activity in the current threatlandscape, consumers need to be more cautious when browsing theInternet. Web browsers are now supporting an increasing number oftechnologies. The more a Web browser has to deal with, the more likelya security hole will be inadvertently coded into it. Therefore, it's nowonder attackers are targeting the growing number of vulnerabilities inWeb browsers.

Over the last six months of 2006 we have been tracking thedistribution of attacks targeting Web browsers. The results show thatMicrosoft’s Internet Explorer leads with an extremely large margin inthe number of attackers targeting it. The primary focus of attacksseems to target ActiveX controls; ActiveX controls are not strictly apart of the browser, but simply provide functionality that can be usedby the browser. This brings into question the security viability ofMicrosoft’s latest version of their popular browser Internet Explorer 7.

Internet Explorer 7...

As spring quickly approaches, the Internet continues to grow into amore and more complex world driven by commerce. Businesses have longsince moved in and millions of dollars change hands every day online.Along with big business comes organized crime. Perhaps not necessarilythe organized crime immortalized in stories like The Godfather or The Sopranos,but Internet crimes are carried out in an organized way designed toconnect the theft of a single person’s user account credentials to abuyer on the mass market for illegal information. Throughout thisorganization, bots play the leading role.

Bots, once used primarily by their owners to carry out denial ofservice attacks driven by grudges, bragging rights, or politicalmotives, have been firmly incorporated into the toolkit of organizedcrime on the Internet. Bots can do pretty much anything: carry outattacks, host spam relays, carry out DoS attacks, host phishing sites,and log keystrokes on the computer they...

February's Home and Home Office Security Report covers a number ofsecurity issues, including this month's "Hot Topic," which describes anattack targeting insecure routers that could allow a hacker to view allthe information you type online, including passwords! Recently,researchers have discovered a method that hackers may be able to use tobreak into your networks through your home wireless or wired router. Totake advantage of this issue, a hacker would simply have to entice youto load a Web page that they control. Once loaded, the site wouldhijack your router and allow the hacker to control the Web sites thatyou visit. For example, if you type in the Web address of your bank,the hacker could redirect your request to a site that is designed tolook like your bank's Web site, but is, in fact, controlled by thehacker. Any information that you enter on the hacker-controlled sitewould be viewable by the hacker, including user names and passwords foronline banking, credit card...