Welcome to the Proxy Update, your source of news and information on Proxies and their role in network security.

Tuesday, June 9, 2009

McAfee announces new whitepaper on browser attacks

Last week, security company McAfee announced the availability of a new whitepaper on browser attacks. McAfee discusses the evolution of the browser from a simple tool to the fully functional software platform it is today. With corporate users, now using browsers to perform a significant amount of their daily work on the web, it's more important now than ever to secure the safety of the browser against more frequent, and more dangerous attacks.

These security observations should be no surprise to any proxy administrator, who's been battling the threats on browsers and their end-users browsing the web for some time now. But the paper is good reminder and a good overview of the new threats that do exist in the web world, and should help justify the dollars we're spending on our proxy implementation, regardless of the vendor we're using.

Other areas the paper covers include:

• The shift in spam to mainly malicious web link usage

• “Web 2.0” sites—whether weblogs, social networking or portal sites—are increasingly spammed with links to malicious sites

• Legitimate sites are compromised and misused to either host malicious code or link to a malicious website

• Use of malicious video banners placed in advertisement networks

• Use of popular search terms to advertise and drive (search query) traffic to a malicious website. In a recent case in Germany, attackers used Google AdWords to attract users who searched for “flash player” to the attacker’s fake Adobe-look-alike site

No comments: