Google’s “Ghost in a Browser”, WebSense, and more…

First things first – big Kudos to Google for their research paper. We at MCRC have found it to be very reassuring for us – now we know we are not the only nuts out there running around in the security arena and wondering how come nobody sees the imminent threats described in the paper.

I’ve recently ran across a blog post on the websense site (http://www.websense.com/securitylabs/blog/blog.php?BlogID=125) which related to the same research paper, and mentioned that the “bad” news is that it does not cover a lot of other attacks out there.

Right, but to completely correct… When you look at the web security field, most of the other attacks mentioned by our colleagues at WebSense, are still web attacks. Having email/IM lure you to click on a link is a web attack, hacking a legitimate site to have malicious code linked/injected into it is a web attack, typos in domain names are web attacks, etc…

My main point is – does not matter where do you get to the malicious code, it’s still malicious code. And if your security solution can handle it, you are protected. End of story.

We have been seeing a lot of various new trends during the past 3 month at MCRC while researching and analyzing attacks, and the common ground for all of them was still the same, no matter where they came from. sponsored links, hacked sites, phishing emails, IM lures, as long as the true attack vector involves the web channel – it’s a web threat and is definitely covered in the Google paper.

Look for our upcoming Q2 trend report where we’ll cover a LOT of interesting trends as I mentioned above… Really cool stuff…


Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.