Attacks targeted to specific applications

An emerging threat is the threat of specialized attacks against targeted applications. These attacks are focused on a particular database or application with the objective of gaining access to information or services. Economics is the primary driver of these types of attacks. Well-defined and enforced access controls, secure software development practices, and detailed monitoring of applications are required to combat these specialized attacks.

How to Assess and Mitigate Information Security Threats
  Introduction
  Malware: The ever-evolving threat
  Network-based attacks
  Information theft and cryptographic attacks
  Attacks targeted to specific applications
  Social engineering
  Threats to physical security
  Balancing the cost and benefits of countermeasures

This chapter excerpt from the free eBook The Shortcut Guide to Protecting Business Internet Usage, by Dan Sullivan, is printed with permission from Realtimepublishers, Copyright 2006.

BROWSE BY TAG Application and Platform Security,   Application Attacks (Buffer Overflows, Cross-Site Scripting),   Database Security Management,   Software Development Methodology,   VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Application Attacks (Buffer Overflows, Cross-Site Scripting) PCI management: The case for Web application firewalls Month of Twitter Bugs project to document Twitter flaws Adobe issues first quarterly patch release fixing 13 flaws Balancing security and performance: Protecting layer 7 on the network Adobe issues Reader update fixing zero-day flaw The Pipe Dream of No More Free Bugs Security Squad: Federal cybersecurity defenses Oracle issues 43 updates, fixes serious database flaws Attackers target new Microsoft PowerPoint zero-day flaw How to detect input validation errors and vulnerabilities Application Attacks (Buffer Overflows, Cross-Site Scripting) Research Database Security Management Oracle to buy Sun Microsystems for $7.4 billion Oracle issues 43 updates, fixes serious database flaws Information security book excerpts and reviews Kaspersky website hacked multiple times, expert says Kaspersky website hacked, customer activation codes exposed SQL injection attacks targeting Flash, JavaScript errors Fuzzing tool helps Oracle DBAs defend against SQL injection Oracle extends Audit Vault third-party database compatibility When should a database application be placed in a DMZ? Oracle patches dangerous WebLogic, Secure Backup vulnerabilities Database Security Management Research Software Development Methodology nCircle statistics show rising Web application vulnerabilities Common PCI questions: Web application firewalls or source code review? Juniper pulls ATM hacking presentation from Black Hat V.i Labs integrates Google maps to track software piracy Software Piracy pandemic needs government role, better vendor antipiracy plans Software piracy losses total $53 billion, study finds Google study backs browser silent auto update feature Secure software development starts before coding begins Security budget issues to resonate at RSA Conference Twitter worm attack highlights social network flaws

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary buffer overflow  (SearchSecurity.com) cache poisoning  (SearchSecurity.com) cyberterrorism  (SearchSecurity.com) dictionary attack  (SearchSecurity.com) directory harvest attack  (SearchSecurity.com) distributed denial-of-service attack  (SearchSecurity.com) JavaScript hijacking  (SearchSecurity.com) ping of death  (SearchSecurity.com) stack smashing  (SearchSecurity.com) SYN flooding  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary