Help Net Security reports that attackers continue to focus on social engineering attacks and circumventing legacy enterprise security systems according to a recent report by Zscaler. The Sunnyvale, CA based firm reported shifts in the sources of enterprise web traffic, and that some popular sites attempt to improve user security. Here are some of the top findings detailed in the report:
- Local apps are generating more direct HTTP and HTTPS traffic
- Not all web traffic comes from browsers, and as this traffic shifts, web threats have a new attack vector
- Internet Explorer 6 is on the decline in the enterprise. While this mitigates the security risks of the old browser platform, it could lead to a shift in attacks.
- Google (GOOG) is actively attempting to thwart search engine optimization (SEO) spam and fake AV attacks, the topmost Internet threats today. However, most users remain exposed to these threats.
- More sites, like Facebook (FB) and Gmail, are moving to HTTPS delivery. This is good for preventing sidejacking, but it allows savvy attackers a way to bypass traditional network-based security controls like IDS/IPS, which cannot decrypt traffic for inspection.
“Attackers know the limits of traditional security solutions,” says Michael Sutton, VP of Security Research at Zscaler. “But they are also very good at taking advantage of emerging technologies and new vectors for attack. Standalone user applications, social engineering attacks, and the move to HTTPS all have the potential to introduce new threats. Now more than ever, enterprise security solutions must inspect traffic in real-time, all the time, regardless of source, to provide true protection.”
I have covered IOT for a while here and hare. I wrote about the big sites moving to HTTPS a while ago here and even wrote about HTTPS Everywhere here. And I sure I don’t cost as much as an engagement with these firms.
- Zscaler ThreatLabZ Tackles Facebook Likejacking (allfacebook.com)
- Zscaler Offers Lookup of Abusive IP Addresses (pcworld.com)