I found an important Norwegian article with the following translated heading:
Traditional IT security is no longer adequate.
(Translate the article with Google Translate)
Minimum recommended reading if you translate the article: see the story under the headings:
- The report reproduces several cases of spectacular use of fake websites.
- Social network contains multiple hazards.
Some important keywords from the Norwegian article:
- Spear phishing.
- Cache (or DNS) poisoning: a technique that gets a DNS server to provide an incorrect IP address for a given URL.
- DNS Security Extensions (DNSSEC).
The main message is that invisible threats make
- common sense
- anti virus and
- firewalls
incomplete for your online security.
The use of
- convincing e-mail messages urging the user to click on rotten links to give away sensitive information, and
- invisible methods like cross-site scripting (XSS) and SQL injections to infect computers by hacking into the website's server and leaving code that hurts random visitors to the site
has been refined and improved.
Note:
The majority - more than 79 percent - of the sites that infect their visitors are legal services that have been hacked by criminal hackers.
Original source:
Cisco 2008 Annual Security Report - Cisco Systems