Attacks targeted to specific applications

An emerging threat is the threat of specialized attacks against targeted applications. These attacks are focused on a particular database or application with the objective of gaining access to information or services. Economics is the primary driver of these types of attacks. Well-defined and enforced access controls, secure software development practices, and detailed monitoring of applications are required to combat these specialized attacks.

How to Assess and Mitigate Information Security Threats
  Introduction
  Malware: The ever-evolving threat
  Network-based attacks
  Information theft and cryptographic attacks
  Attacks targeted to specific applications
  Social engineering
  Threats to physical security
  Balancing the cost and benefits of countermeasures

This chapter excerpt from the free eBook The Shortcut Guide to Protecting Business Internet Usage, by Dan Sullivan, is printed with permission from Realtimepublishers, Copyright 2006.

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Web Application Security Future security threats: Enterprise attacks of 2009 How to prevent clickjacking attacks with security policy, not technology Finjan offers free audits for crimeware sufferers Finance sector poor at achieving outsourcing success How to prevent SQL Server and Internet Explorer hack attacks Web browser exploits explained Sophos adds browser and virtualisation blocking features Web advertising exploits: Protecting Web browsers and servers Hacker toolkit targets Microsoft Access zero-day Hackers and phishers see charities as "soft targets" Database Protection Secerno puts database security under ArcSight umbrella NHS trust fires manager for losing laptop Ransomware: How to deal with advanced encryption algorithms Vendors rally to repair dangerous DNS flaw Stockbroking firm fined for weak data security Protecting exposed servers from Google hacks (and Google 'dorks') Brits lose their fear of encryption – slowly Security survey shows British business still has much to do Ninety four more breaches reported since the HMRC case Data loss prevention (DLP) tools in 2008: The new way to prevent identity theft? Secure Coding Cybercrime reports: Security not broken, but breaking at the seams Finjan offers free audits for crimeware sufferers (ISC)2 targets software developers with secure accreditation PGP and IBM kickstart Bletchley Park rescue Debian: A niche OS with a not-so-niche security flaw Hacker toolkit targets Microsoft Access zero-day How can app developers solve a problem like insecure code? Coders need to forget 'groovy' features, remember security The re-birth of the metamorphic virus Enterprise security in 2008: Building trust into the application development process

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Serious Organized Crime Agency  (SearchSecurityUK.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary