> Actually, on that same note, I recently did an analysis of
> the last three years of published Windows vulnerabilities.

Thanks, Roger. That's a really useful, apposite and timely item.

--
David Harley
AVIEN Interim Administrator: http://www.avien.org
http://www.smallblue-greenworld.co.uk

> 86% required local end-user interaction (i.e. social
> engineering) to be pulled off.
> http://www.infoworld.com/article/07/10/19/42OPsecadvise-insider-threats_1.html
>
> I didn't analyze Linux or BSD threats, but my gut feeling
> puts them at the same level or even higher.
>
> With 86% or more of the past threats requiring social
> engineering to pull off, we can safely say the "future" you
> state below is here now.
>
> Now, what is interesting is that any exploit requiring social
> engineering to work has so far been less of a problem than
> the vast majority of "remote buffer overflow" exploits like
> the Blaster and SQL worms. Social engineering-required
> malware still works, and works well, but not with the same
> success of remote buffer overflow malware. There is very
> little we in the security space can point to as a
> success...but the overall decrease in remote buffer overflows
> is one. Unfortunately, the social engineering malware is
> getting better day-by-day. We can no longer count on
> mispellings (sic) and bad grammar to be malware indicators.
> Our users, regardless of the OS, are ready as ever to click
> on interesting content, malicious or not. We've got to design
> our defenses to pay more attention to client-side attacks,
> but it is the weak point now, not in the future.
>
> Roger
>
> *****************************************************************
> *Roger A. Grimes, InfoWorld, Security Columnist
> *CPA, CISSP, CISA, MCSE: Security (2000/2003), CEH, yada...yada...
> *email: [EMAIL PROTECTED] or [EMAIL PROTECTED]
> *Author of Windows Vista Security: Securing Vista Against
> Malicious Attacks (Wiley)
> *http://www.amazon.com/Windows-Vista-Security-Securing-Malicious/dp/0470101555
> *****************************************************************
>
>
> -----Original Message-----
> From: Alex Eckelberry [mailto:[EMAIL PROTECTED]
> Sent: Thursday, November 01, 2007 5:49 PM
> To: Thor (Hammer of God); Gadi Evron; [EMAIL PROTECTED];
> [email protected]
> Subject: RE: mac trojan in-the-wild
>
> The future of malware is going to be largely through social
> engineering.
> Does that mean we ignore every threat that comes out because
> it requires
> user interaction? Seems like whistling past the graveyard to me.
>
> Alex
> _______________________________________________

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
