Welcome Guest. | Log In| Register | Membership Benefits
  • Email this page E-mail this page
  • |  Print Print this page
  • |   Bookmark and Share

Four Threats For '09 That You've Probably Never Heard Of (Or Thought About)


(Page 3 of 5)

Radical extremist hackers

While many cybercrime organizations operate out of Eastern Europe today, that could soon change: iDefense predicts that 2009 will be the year that Middle Eastern cybercartels expand into online fraud. A recent wave of fatwas issued by radical Islamic religious leaders in that region authorizing these groups to use cyberattacks to defend Islam has opened the door for these groups to wage cyberattacks, according to iDefense.

"Religious hackers now have the authority to do these operations as long as they are protecting Islam," says Rick Howard, intelligence director for iDefense. "Some are specific to cyberfraud to fund the Islamic agenda."

IDefense expects U.S. financial institutions to be prime targets for these extremist hackers. "Now they have the authority of their religious leaders to go for it," Howard says.

Perimeter eSecurity's Prince says the addition of these hacker groups in the Middle East is a continuation of the political hacking we've seen in the recent Russia-Georgia conflict and other international clashes. Islamic extremist are suspected to be behind a series of hacks and defacements of Israeli Websites over the past few days. Attackers defaced more than 300 sites with anti-Israeli and anti-U.S. messages in the wake of Israel's bombing of Gaza.

"My take on defaced Websites is that they are not so much about attacks but more like cyber-tree huggers who want peace and have these hacking skills," Prince says. "When they see the reports on CNN, they want to participate in some way to do what they can to have their position heard and to fight in their small way."

But all-out cyberwarfare is indeed a threat, he adds. "What we've seen to date, though, are political uprisings against anything people don't like," Prince says.

Next: Attacks on online ad revenue

Page 4: 
« Previous Page | 1 | 2 | 3 | 4 | 5 Next Page »


Subscribe to RSS










Bugs
ENTERPRISE VULNERABILITIES
Vulnerability:suse linux
Published:2010-01-22
Severity:High
Description:SUSE Linux Enterprise 10 SP3 (SLE10-SP3) configures postfix to listen on all network interfaces, which might allow remote attackers to bypass intended access restrictions.
Vulnerability:ie
Published:2010-01-22
Severity:High
Description:The URL validation functionality in Microsoft Internet Explorer 7 and 8 does not properly process input parameters, which allows remote attackers to execute arbitrary local programs via a crafted URL, aka "URL Validation Vulnerability."
Vulnerability:bind
Published:2010-01-22
Severity:Medium
Description:ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a forged NXDOMAIN response for an existing domain.
Vulnerability:ie
Published:2010-01-22
Severity:High
Description:Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-2530 and CVE-2009-2531.
Vulnerability:ie
Published:2010-01-22
Severity:High
Description:Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3671, CVE-2009-3674, and CVE-2010-0246.


Briefing Centers
POWERFUL INFORMATION
AT YOUR FINGERTIPS
(SPONSORED LINKS)