2005 Internet Attack Trends
For those of you who read Bruce Schneier's blog (http://www.schneier.com/blog/
, RSS 1.0 feed at http://www.schneier.com/blog/index.rdf
, RSS 2.0 (just excerpts) at http://www.schneier.com/blog/index.xml
), or subscribe to the CRYPTO-GRAM (http://www.schneier.com/crypto-gram-0506.html
) the below comes from the most recent edition of the 'gram. If you're in IT security and you're not reading Schneier... well, then you're not really in security.
Considering where they see attacks happening, it might not be a bad idea to check all of the recent patches that affect the DCOM interface and the LSASS, and ensure they're installed on your systems. "These seem to be the current favorites for virus and worm writers, and we expect this trend to continue."
If they're they favorites, that usually means that not enough people have patched them yet, so the victim population is large enough to target. Let's work on removing the targets, shall we?