RealNews

Security group names top software risks

A security organization published its fourth annual list of the most vulnerable software Wednesday, putting network administrators on notice that they need to check their systems. The SysAdmin Audit Network Security (SANS) Institute’s “Top 20 Vulnerabilities,” first published three years ago in collaboration with the FBI’s National Infrastructure Protection Center, consists of two lists: the top 10 flaws in Microsoft’s operating system and software; and the top 10 flaws in Unix systems. “The (list) defines the set of network security vulnerabilities that are most commonly used by hackers to break into systems,” Alan Paller, director of research for the SANS Institute, said in a statement. “They should be addressed by network administrators as quickly as possible.” The lists are intended to guide system administrators in checking their systems for flawed software. Each description of the 20 vulnerabilities suggests ways to mitigate the risks that are associated with the particular insecure software. SANS rated Microsoft’s Web server–the Internet Information Service (IIS) software–as the leading cause of vulnerabilities in Windows systems. Full Story

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.