Financial institutions with critical systems and cash on the line are reorganizing to deal with the closing gap between the hole and the patch. Zero day exploits are upon us. Case in point, the June 25th Russian attacks that turned IIS servers into delivery platforms for identity-thieving Trojan keystroke loggers. The attacks relied on two vulnerabilities in Internet Explorer that security researchers discovered for the first time weeks earlier on a malicious adware-implanting website. At the time of the attack, no patch was available. ISPs were able to quickly contain the threat by shutting down traffic to the Russian host serving up the malware. But the episode proved that the zero day concern is more than hyperbole. “We believe zero day vulnerabilities are imminent. says Oliver Friedrichs, senior manager at Symantec’s Security Response center. [Symantec publishes SecurityFocus]. “In this example, that was proven true.” Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.