Vulnerabilities / Threats
12/28/2010
07:26 PM
50%
50%

Apple, Social Networks Top Cybercrime Targets In 2011

McAfee threat predictions for the coming year forecast that Apple's increasing influence in personal computing, smartphones, and tablets will make it a prime target for cybercriminals.

Top 10 Security Stories Of 2010
(click image for larger view)
Slideshow: Top 10 Security Stories Of 2010

All the hottest Internet technologies this year, including geolocation services, Web-enabled TVs, mobile devices running Google Android and Apple iOS, and online social networks, will be key targets of cybercriminals in 2011, a security firm predicts.

Consumer electronics and Internet companies have rushed to market this year with cutting-edge products and services that have already seen a significant increase in attacks and data loss, McAfee said in its list of threat predictions for next year. This trend will continue in 2011 with cybercriminals finding new ways to steal personal information from consumers flocking to these new technologies.

"We've seen significant advancements in device and social network adoption, placing a bulls-eye on the platforms and services users are embracing the most," Vincent Weafer, senior VP of McAfee Labs, said in a statement.

Apple products are expected to be among the top targets of cybercriminals in 2011. The company's Mac computers have long been spared the attention of hackers because of their small market share. That has changed with the company's rebirth as a major consumer electronics company.

McAfee expects the sophistication of Trojans and other malware for the Mac and Apple's iPhone and iPad to increase next year, escalating the risk of personal data and identity theft. Cybercriminals are also expected to target other mobile devices, such as Android-based phones and tablets. These devices are easy targets because many users are unknowledgeable about proper security and network operators are moving too slowly toward encrypting data.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-0714
Published: 2015-05-02
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse Server 10.0(1), 10.5(1), 10.6(1), and 11.0(1) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCut53595.

CVE-2014-3598
Published: 2015-05-01
The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote attackers to cause a denial of service via a crafted image.

CVE-2014-8361
Published: 2015-05-01
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request.

CVE-2015-0237
Published: 2015-05-01
Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 ignores the permission to deny snapshot creation during live storage migration between domains, which allows remote authenticated users to cause a denial of service (prevent host start) by creating a long snapshot chain.

CVE-2015-0257
Published: 2015-05-01
Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses weak permissions on the directories shared by the ovirt-engine-dwhd service and a plugin during service startup, which allows local users to obtain sensitive information by reading files in the directory.

Dark Reading Radio
Archived Dark Reading Radio
Join security and risk expert John Pironti and Dark Reading Editor-in-Chief Tim Wilson for a live online discussion of the sea-changing shift in security strategy and the many ways it is affecting IT and business.