Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Future Security Threats

from [Jon R. Kibler] Network Security [Permanent Link]
Subject: Re: Future Security Threats
Date: Fri, 30 Nov 2007 18:26:48 +0000
n0bodykn0ws7@googlemail.com wrote: 
Hi,
I am have to write a paper for my uni about upcoming security threats. Can you 
guys give me some ideas related to it ? Like Phishing, what are going to be 
upcoming threats. I have read Billy Hoffman on Ajax security dangers and stuff 
like threats to smart phones, security threats in virtualization etc but not 
able to find much details on them. What you guys feel are going to be dangerous 
security threats in coming 2-3 years ? Any suggestions will help

Thanks in advance,
Jric


VoIP, wireless, and control systems scare me the most.

There have been demonstrated MiTM VoIP attacks against IVR systems already.

VoIP spam is another issue. We think spam email is bad, what are we going to do 
about VoIP spam? Are you going to not answer your phone?

On the wireless front, I would not be surprised to see SSL MiTM attacks against 
wireless connections, where credit card and other confidential information is 
compromised.

Almost anything that is a control system (PLC, SCADA, etc.) are highly 
vulnerable. I once did a network scan for an organization that thought they 
only had 'computers' on their network. Turns out the HVAC and building access 
control system were also on the LAN. Crash and burned (literally, destroyed) 
both. A simple port scan killed the NVRAM software on both systems. Client had 
to replace control boards in both to get them back online (which took several 
days!).

Also (and this isn't 'the future'), I think attacks against on-line financial 
systems (banking, retirement, etc.) are only going to increase. IMHO anyone who 
does anything financial online (except credit card purchases at well known 
vendors) is either clueless or a moron.

In the deeply technical area, I would not be surprised to see attacks against 
MPLS WANs. Vendors are marketing them as being 'as secure as frame' and 
actively discouraging encrypted traffic on these networks. Thus, all you need 
is the ability to sniff MPLS packets (technically, frames) to access all sorts 
of confidential information.

Finally, I would not be surprised to see a significant increase in attacks 
against network infrastructure, such as routing and name servers.

Jon Kibler
--
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC  USA
(843) 849-8214





==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Hardware Firewall recommendations, Tremaine Lea
Previous by Thread:  Future Security Threats, n0bodykn0ws7
Next by Thread:  Hardware Firewall recommendations, Chris [HORIZONsolutions]
Indexes:  [Date] [Thread] [Top] [All Lists]