IT Management Begins With Security
SecurityProNews > News > Security News > Finjan Discusses Malicious Findings
Search:
[ news_security_news ]

Finjan Discusses Malicious Findings



SecurityProNews
Staff Writer
2006-10-11

SecurityProNews: News RSS Feed Security News RSS Feed


Web security solutions provider Finjan announced some key findings from its Malicious Code Research Center (MCRC).

The MCRC released a report on Web Security Trends that details information related to malicious code found on storage and caching servers.

"This malicious code can be referenced by third-party web pages and can be used to exploit an end user's machine," said Finjan CTO Yuval Ben-Itzhak. "Even if the malicious site has been taken down, its malicious content is still stored and served by the caching servers. The exploit can result in the installation of Spyware, Trojans, and other malware that compromise a user's privacy and identity."

The report also discusses threats related to "Web 2.0" platforms and technologies. According to Finjan:

Another newly discovered web security threat centers on the use of Web 2.0 and AJAX (Asynchronous JavaScript and XML) technologies for malicious activities. While Web 2.0 and AJAX offer an enriched and improved user experience for Internet users, the technology also flings open the door to new malware propagation methods. "By targeting high-traffic web sites, hackers have found an easy way to achieve mass propagation," Ben-Itzhak said. "By either embedding malicious code in hosted Web content or by using AJAX to query the 'hidden web', hackers can create 'invisible' attacks since the code is never revealed on the site."

Ben-Itzhak noted that in order to protect users from malicious AJAX queries, enterprises require security solutions that are capable of analyzing each web request/reply "on the fly." "Behavior-based analysis of web content, performed on the gateway between the browser and web servers, is one effective method for doing this," he said. "A further advantage of behavior-based security is that it analyzes each and every piece of content, regardless of its original source. This technology assures that malicious content will not enter the network even if its origin is a highly trusted site."

Finjan also notes that commercialization of malicious code is on the rise, claiming that researchers uncovered a company that seeks out bugs/flaws in security products (e.g., ZoneAlarm Pro, Norton Personal Firewall).

Add to Del.icio.us | Digg | Yahoo! My Web | Furl

Get all the updates in RSS:


About the Author:
SecurityProNews is a daily online and email publication focusing on internet security issues.

More news_security_news Articles

SecurityProNews: News RSS Feed Security News RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - 1998-2008 All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds