Hackers Still Exploit the Old Standard Security Weaknesses
A recent report by TrustWave finds that companies are spending so much time on trying to address the new security flaws coming up, such as mobility, they are missing the old standard. "For instance, the top three ways hackers gained initial access to corporate networks in 2009 were via remote access applications, trusted internal network connections and SQL injection attacks, Trustwave found." The report was based on an analysis of data gathered from more than 1,900 penetration tests and over 200 data breach investigations conducted on behalf of clients such as American Express, MasterCard, Discover, Visa and several large retailers.
The report is a wakeup call for security administrators - not to ignore the old vulnerabilities. But it also points to the growing complexity of systems security and control.
A write-up on the report can be found on Computerworld. The report can be downloaded from this site, after filling out a questionnaire.