Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

5/26/2017
08:00 AM
Kelly Sheridan
Kelly Sheridan
Slideshows
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail

8 Most Overlooked Security Threats

Businesses know the obvious security threats to watch for, but some of the biggest dangers may not at top-of-mind.
2 of 9

Malvertising

Malvertising has fallen off the radar over the last year or so, says Jerome Segura, lead malware intelligence analyst at Malwarebytes. It still remains a threat, but for a new pool of targets.

Attackers previously targeted high-profile media sites with malware but learned those attacks generated a lot of attention, he explains. Now they've begun turning to smaller brand names with a lot of traffic but less visibility: foreign websites and file-sharing sites, for example.

"Those typically also don't care as much about visitors as a more high-profile website would," Segura continues; as a result, malvertising often gets overlooked. "How much do you care about making sure ads are clean and appropriate?"

Attackers primarily rely on malicious ads to generate revenue, but it's also used to collect identities or install malware that can be used to add a machine to a botnet in the future. Contractors are more likely to overlook malvertising compared with full-time employees who manage websites.

"A team that's not full time on the project won't be as familiar from start to finish," says Logan Kipp, WordPress evangelist at SiteLock. "They often overlook [malicious ads] because the look like they belong," and unless they know to look at the source code, it won't seem suspicious.

Full-timers who maintain the app every day are more likely to notice if something is amiss. Businesses can mitigate the risk of malvertising by patching systems and using ad blockers.

(Image: David Carillet via Shutterstock)

2 of 9
Comment  | 
Print  | 
Comments
Threaded  |  Newest First  |  Oldest First
tcritchley07
100%
0%
tcritchley07,
User Rank: Moderator
5/26/2017 | 5:58:54 PM
8 Most Overlooked Security Threats
Interestng article but there is a 90 degree view of this which is disaster recovery when the attack actually works.

The reent Wanna Cry attcaks immobilised large parts of Britain's NHS and it is apparent they did not have a DR plan rto revocover. Moving on, and thinking laterally, there is a case for scrapping the use of Windows in many cases as the bad guys are obviously very proficient in this area. How would they fare with z/OS, Linux and Unix??

Just a few thoughts out of the box.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
5/30/2017 | 12:17:53 PM
Re: 8 Most Overlooked Security Threats
"The reent Wanna Cry attcaks immobilised large parts of Britain's NHS and it is apparent they did not have a DR plan rto revocover"

Agree. That is becoming major issue, if there is nothing to fall back it is downtime obviously. 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
5/30/2017 | 12:19:39 PM
Re: 8 Most Overlooked Security Threats
How would they fare with z/OS, Linux and Unix??

I say the same way, it is not about OS, there is always vulnerabilities in all OSes.
tcritchley07
100%
0%
tcritchley07,
User Rank: Moderator
5/30/2017 | 2:23:39 PM
Re: 8 Most Overlooked Security Threats
I'm afraid all OSes are not the same. Windows is a ramshackle lash-up which changes every version and is wide open to abuse. z/OS is far more robust and defendable than Windows and is capable of protecting Linux running under it. The 3rd party apps that run with Windows to give the total internet environment were not designed together and are bolt-ons with the same potential for interference with each other and by the bad guys. We all know that certain apps will not coexist on Windows and some have brought my system down before I uninstalled them.

PS I am not an apprentice but have nearly 50 years in IT as practitioner latterly as an author.
ronbo1963
100%
0%
ronbo1963,
User Rank: Apprentice
5/31/2017 | 11:54:53 AM
Re: 8 Most Overlooked Security Threats
Spot on. I started my IT career working in a IBM Mainframe environment. The economy of scale of going back to that platform would be a tremendous benefit to any corporate enterprise. When the top 50 banks in the world rely on z/OS as their primary server environment what do they know that the rest of the corporate world do not....... P.S. 35 years IT. Also performed the Common Criteria Evaluation of two to the z/OS security filters. Much more robust and safe than other platform implementations.....
ebyjeeby
100%
0%
ebyjeeby,
User Rank: Strategist
6/6/2017 | 2:04:45 PM
Re: 8 Most Overlooked Security Threats
z/OS and NSK are very secure, nothing like *nix and Windows.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
5/29/2017 | 9:06:24 PM
Malvertising
Worth noting that malvertising has also been used to deliver malware.

Yet another reason to disable/block Flash, Java, and HTML5 on all but the most trusted of sites.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
5/30/2017 | 12:21:17 PM
Re: Malvertising
"Yet another reason to disable/block Flash, Java, and HTML5 on all but the most trusted of sites."

HTML5? Then no sites could run on any browsers, correct?
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
6/2/2017 | 4:32:13 PM
Re: Malvertising
@Dr.T: Incorrect. But most if not all video would be disabled. And then for the sites you explicitly trust, you could enable as needed.
stevejennings
50%
50%
stevejennings,
User Rank: Strategist
6/7/2017 | 9:00:53 AM
Re: Malvertising
64% of Americans work from home? Really? Perhaps you meant 64% of IT professionals? And even that sounds high.
LindsayCybSafe
50%
50%
LindsayCybSafe,
User Rank: Strategist
5/30/2017 | 6:57:40 AM
Awareness training
Interesting how many of the overlooked security threats come down to No. 8 - employee awareness. Mobilisation, IoT, in-memory phishing attacks push the ball into the court of employees and their devices...a disproportionate focus technology is happening, when hackers are focusing on people more than ever.
Dr.T
100%
0%
Dr.T,
User Rank: Ninja
5/30/2017 | 12:22:37 PM
Re: Awareness training
"when hackers are focusing on people more than ever"

Agree. It becomes more human hacking than machine.
Joe Stanganelli
100%
0%
Joe Stanganelli,
User Rank: Ninja
5/30/2017 | 4:39:24 PM
Re: Awareness training
This is the bigger issue in security: Creating a culture of security.  Having the best security systems in the world technologically do little good if people are just willing to hand over login information, click on links willy-nilly, and let strangers into their datacenters.
Joe Stanganelli
100%
0%
Joe Stanganelli,
User Rank: Ninja
6/2/2017 | 4:33:51 PM
Re: Awareness training
@Dr.T: I'm not even so sure about the "more than ever"... Hackers have long known that social engineering is where it's at.  And Kevin Mitnick taught us this through his own exploits back in the day.
EricT981
50%
50%
EricT981,
User Rank: Author
6/13/2017 | 2:57:17 PM
Re: Awareness training
It's easy to get excited about 0-days and network security because technology solutions are easier than human solutions. Education is important, but so is accountability: Security teams need to start bringing other teams (infrastructure, dev) into the fray.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
5/30/2017 | 11:54:32 AM
Evil maid
This is most likely a common one that we are not that much aware of.
Dr.T
100%
0%
Dr.T,
User Rank: Ninja
5/30/2017 | 12:23:02 PM
Undereducated employees
 

This is more critical one I would say.
tadwhitaker
100%
0%
tadwhitaker,
User Rank: Author
6/5/2017 | 2:48:12 PM
IOT
The threat of connected devices can't be overstated enough. It needs to be the next phishing, in terms of public awareness. Particularly as voice-activated assistants are widely adopted.
JackieHorn09
50%
50%
JackieHorn09,
User Rank: Apprentice
1/7/2019 | 9:16:51 PM
Newbie
I am a 33-year-old female, with no military affiliation just getting started with my bachelor's in cybersecurity.  Any thoughts or help to get started? Will my age and the fact that I have no prior military hurt me? 
COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/5/2020
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Peter Barker, Chief Product Officer at ForgeRock,  6/1/2020
Cybersecurity Spending Hits 'Temporary Pause' Amid Pandemic
Kelly Jackson Higgins, Executive Editor at Dark Reading,  6/2/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13864
PUBLISHED: 2020-06-05
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from a stored XSS vulnerability. An author user can create posts that result in a stored XSS by using a crafted payload in custom links.
CVE-2020-13865
PUBLISHED: 2020-06-05
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from multiple stored XSS vulnerabilities. An author user can create posts that result in stored XSS vulnerabilities, by using a crafted link in the custom URL or by applying custom attributes.
CVE-2020-11696
PUBLISHED: 2020-06-05
In Combodo iTop a menu shortcut name can be exploited with a stored XSS payload. This is fixed in all iTop packages (community, essential, professional) in version 2.7.0 and iTop essential and iTop professional in version 2.6.4.
CVE-2020-11697
PUBLISHED: 2020-06-05
In Combodo iTop, dashboard ids can be exploited with a reflective XSS payload. This is fixed in all iTop packages (community, essential, professional) for version 2.7.0 and in iTop essential and iTop professional packages for version 2.6.4.
CVE-2020-13646
PUBLISHED: 2020-06-05
In the cheetah free wifi 5.1 driver file liebaonat.sys, local users are allowed to cause a denial of service (BSOD) or other unknown impact due to failure to verify the value of a specific IOCTL.