SANS names top hacker targets

Microsoft's Internet Explorer has been named one of the Internet's top 20 hacker targets by a leading security organization.

The SANS Institute also said Wednesday that Microsoft Office and Windows Libraries and Services are some of the most vulnerable applications available on computers today.

But Microsoft was not alone in the annual list, released Wednesday. Apple Computer's Mac OS X was also cataloged, along with "configuration weaknesses" in Unix.

The 2006 list is of the Top 20 Attack Targets, whereas previously it was named the Top 20 Internet Security Vulnerabilities. Written by members of the SANS Institute and security experts from the technology industry and government bodies, it indicates which network features could leave a company vulnerable to attack.

Rohit Dhamankar, the chief scientist at TippingPoint and a SANS member, explained some current security threat trends.

"We've seen a lot of zero-day vulnerabilities this year. The next big thing is the number of attacks on Web applications. There's also continued growth in 'spear-phishing' attacks from Asia and Eastern Europe." In spear-phishing, the attacker creates an e-mail that appears to be a corporate internal message and sends it to a specific group of people in that company, who may be lulled into opening its malicious payload.

SANS also named Web applications, peer-to-peer (P2P) file-sharing software, media players, VoIP (voice over Internet Protocol) phones and people themselves as some of the easiest targets for hackers.

Dan Ilett of Silicon.com reported from London.

[GGGlen]

Good to see OS X is listed

I mean, wow! ZERO computers have been hit for a total of ZERO
users affected. Unfortunately, and as the lament of infected 'Doze
users goes;
"Nothin' from nothin' leaves nothin'
You gotta have somethin'
If you wanna be with me"
Call me when we hit 60,000+ virus's
;-P

[samkass]

Seriously

Call me when one byte of data has been lost due to a vulnerability
in MacOS X, or one minute of productivity. Heck, more minutes of
productivity are lost when one individual installs anti-virus
software on Windows than has ever been lost to all the MacOS X
users in the world, ever.

[Microsoft_Facts]

I read the list, it goes like this...

OSs: Microsoft, Microsoft, Microsoft, Microsoft, Microsoft, Not Microsoft, Not Microsoft.

Apps: Mostly Microsoft, mostly Microsoft, IM blended with Microsoft vulnerabilities, Media players blended with Microsoft vulnerabilities, not Microsoft, Microsoft. (Not NDS or NIS+)

VoIP: 200% (guestimate) increase for products using MS technology, not Microsoft.

Security: Microsoft. "What?!?!" You say? I worked with 100's of IT guys a year. Microsoft only technicians are generally less talented, and always are looking for the easy way out. Perhaps that's why the affinity they have to a point-and-click retarded MS operating system. Non-Microsoft techies tend to think about security and stability while they work. Users? Well...

0-day: Microsoft, hands down.

[ServedUp]

Windows VISTA is a much more juicy target.

What about Windows NT?? Why isn't VISTA on the list. Nevermind
Unix. Windows NT services the majority of computer users in the
world. If ever there was a bigger target, its VISTA hands down.

The fact the list totally avoided the red X on the head of
Windows Vista is a joke.

Meanwhile back at the ranch...

[Had_to_be_said]

What..? "OSX" a "top hacking target"..?

But... But... But...

I thought the ONLY REASON that "MS-Windows" had literally TENS OF THOUSANDS of actual VIRUSES and EXPLOITS, and "OSX" still appears to be virtually uncompromised, was entirely because ALL HACKERS were aiming at "Microsoft".

...at least that what every Microsoft-defender keeps claiming.

MY... MY... IVE GOT TO GET ME A "Macintosh"...

[tanis143]

I knew it

Ok, they said TARGET! Do I have to explain that term for you, or has that cutsie tootsie GUI of O/S X fried your brain too much? Its a target because of the all the hype its receiving as being "safe". The honest fact that if its connected to the net, its not safe. Period. Yes, there are more viruses for MS software, yes there are virtually no spyware/adware/viruses for Mac's. Hello.... do we have to go over this again? Why in the world would someone take the time to write a virus that will infect maybe 4% of the total pc market?

God, you mac fanboi's are almost as annoying as your commercials. Hands down, I'll take my Windows machine over your mac anyday of the week. Why? Because I like to use my pc, I like to customize my pc, and I like to upgrade my pc, and I like to game on my pc. A mac is good for many things, yes, if all you do is surf the net, download off iTunes, write papers, or do graphic work. But for gamers, tweakers, and those who enjoy testing software, Mac is not the way to go.

In otherwords, shutup, go back to adjusting your dockbar, and for gods sake beg Apple to stop those stupid commercials.

[jabbotts]

they are both PC's but thank goodness someone said it

Windows, osX, they're both personal computers.

osX can be customized, Windows can be customized, *nix OS are more customizable than both (unless you can install windows without a browser.. can you? huh? huh?) the other's combined.

But the basic fact is; comercials showing impervious apple beside flunky windows is good for marketing. consumers believing comercials showing impervious apple beside flunky windows is a complete divergance from reality.

The little cute apple sticker doesn't inherently ward off all possible threat. I mean, I'd take a mac over a windows machine any day if offered for free but my first step is still whiping the OS in favour of something else. Mind you, I also can't remember the last time I built a machine with only one bootable OS on it. With Knoppix live cd, my machines now generally run three OS depending on where I boot from.

[DeusExMachina]

explaining things

You appear to have absolutely NO understanding of this article.
You started on a such a high note, but then it all fell apart,
To wit:
"Its a target because of the all the hype its receiving as being
"safe""
This is absolutely true, but it is interesting that you should say
this because:
"Hello.... do we have to go over this again? Why in the world
would someone take the time to write a virus that will infect
maybe 4% of the total pc market?"
This COMPLETELY contradicts your above statement. The reason
that OS X is in the list is BECAUSE it is a target. Whether you are
intellectually capable of answering your own misinformed
rhetorical question, the fact of the matter is that "someone" IS
taking the time to try to write exploits for "4% of the market."
That is what this article is ABOUT! They are simply unsuccessful.

"Yes, there are more viruses for MS software, yes there are
virtually no spyware/adware/viruses for Mac's[sic]."

Yes, any amount is more that zero. It it not virtually no viruses,
it is ZERO viruses.

"A mac is good for many things, yes, if all you do is surf the net,
download off iTunes, write papers, or do graphic work."

What a load of ignorance. This statement makes it obvious that
you are just regurgitating verbatim what you have heard from
others without any personal experience.

It is also good for web coding, video creation, spread sheets,
word processing, scientific research, biological simulations,
software development, super computing applications, UNIX
servers, P2P, in short, anything you use your Windows box for.
As for gaming, it is perfectly capable of being a gaming box. The
fact that it has lower frame rates is the result of kernel level
decisions to prefer multithreaded application paths over single
tasking. Thus, while Windows may have much greater frame
rates coming out of their graphics cards, as soon as you try to
run a game at the same time as other applications instead of
dedicating the machine to gaming, this frame rate advantage
evaporates, and in fact OSX provides superior performance.
Again, this is because OSX is designed to actually provide a
platform for getting WORK done, not shooting alien or hacking
people up in WOW.

Oh, and there is no such thing as the "dockbar" in OSX.

[tanis143]

I knew this was comming

Ok, they said TARGET! Do I have to explain that term for you, or has that cutsie tootsie GUI of O/S X fried your brain too much? Its a target because of the all the hype its receiving as being "safe". The honest fact that if its connected to the net, its not safe. Period. Yes, there are more viruses for MS software, yes there are virtually no spyware/adware/viruses for Mac's. Hello.... do we have to go over this again? Why in the world would someone take the time to write a virus that will infect maybe 4% of the total pc market?

God, you mac fanboi's are almost as annoying as your commercials. Hands down, I'll take my Windows machine over your mac anyday of the week. Why? Because I like to use my pc, I like to customize my pc, and I like to upgrade my pc, and I like to game on my pc. A mac is good for many things, yes, if all you do is surf the net, download off iTunes, write papers, or do graphic work. But for gamers, tweakers, and those who enjoy testing software, Mac is not the way to go.

In otherwords, shutup, go back to adjusting your dockbar, and for gods sake beg Apple to stop those stupid commercials.

[Had_to_be_said]

Actually... Ive been a PC-tech for decades...

In fact, I started working with "PC and Compatibles" when they were first introduced. And, Ive done everything from installation, support, training and documentation, and designing hardware, to being on software-development teams (And, ALMOST ALL OF THAT has been for the PC-PLATFORM).

Furthermore, the only "Mac", that I own, which is actually, currently, operational... is an old "Power-PC" ("Mac-OS" 8-point-something) that was given to me by someone, after I helped him design, and test, the business website-project that he was working on.

But, what really ANNOYS ME... are the MICROSOFT-DEFENDERS that constantly SPEW the same completely nonsensical-apologies for the VERY REAL problems with "Microsoft products". And, who seem to feel it, absolutely-necessary to viciously-attack anyone who points out such basic-facts.

[Joelshouts]

Once again, MS fans do it again...

"The honest fact that if its connected to the net, its not safe. Period."

This is a very unenlightened response that I've heard from a ton of MS fans who know nothing about programming or security.

Sure, it is true, if a computer is connected to a network the it is vulnerable. But there are scales of vulnerability. Something can be less ore more secure. A door lock can be more secure than a piece of rope. The same holds true for computers. Firewalls, not running applications with SU privileges, etc.

"Yes, there are more viruses for MS software, yes there are virtually no spyware/adware/viruses for Mac's. Hello.... do we have to go over this again? Why in the world would someone take the time to write a virus that will infect maybe 4% of the total pc market?"

We are aware of a few things:
1. Macs don't get viruses.
2. Windows machines get viruses.
3. Therefore, if you want a virus, get a Windows machine.
4. Therefore, if you wish to be virusless, get a Mac.

I'm putting this simply to illustrate a point. When it comes to buying a safe computer, Tanis, the best option comes to OS X.

I suppose that what you are TRYING to say is that there may be virus problems in the future(I emphasize trying because you absolutely do not say this).

Do you deny either of these?

1. On Windows there are already many viruses and there will be more.
2. On OS X there are no viruses, however there may be some in the future.

If not, then it you're agreeing that buying MS is buying something that is guaranteed to be vulnerable, whereas on OS X you may only be vulnerable in the future.

Which is the better option?

"Hands down, I'll take my Windows machine over your mac anyday of the week. Why? Because ... I like to customize my pc, and I like to upgrade my pc, and I like to game on my pc... But for gamers, tweakers, and those who enjoy testing software, Mac is not the way to go."

That's fine. Keep your PC. The Mac crowd has never claimed these abilities (or at least to the degree that you can do on a MS machine).

However, you should realize that for every user like yourself, there are many, many more who only... "is surf the net, download off iTunes, write papers." That is to say, what the Mac is good for, according to you.

There are many people who like to use their computers to do things, as opposed to do things to use their computers.

Now, I'd just like to point out that your own personal position is flawed, and I'd like to use an analogy:

Suppose I told you that I liked steak better than chicken because I like sweet things. Wouldn't you think I was crazy?

Saying that you prefer Windows over OS X because you like to customize things is analogous.

If you REALLY wanted to customize your OS, you'd be running Linux. Multiple desktop environments (cf KDE, Gnome, XFCE, Blackbox, Fluxbox, etc).

The only point left in your stance that is hard to assail is the gaming side; however, with Wine and its improved gaming abilities, your position is much weakened. And besides, you like to tweak, right? So why not tweak your games on a far more tweakable system?

[cascadia4]

Will you all PLEASE knock it off!

Alright! It makes me sick every time I come to c-net and read an article that talks about anything related to Windows PCs, or Apple PCs, and geting caught in the middle of a bunch of self-righteous techies throwing mud.

So, lets all just face the facs:

Windows Users (including myself): We're all going to always be looked down upon by Apple/*nix users because Windows is connected to microsoft and microsoft=evil. Add on that all of the percieved problems with the Windows environment and you have yourself a virtual "KICK ME" sign. Just don't feed the trolls.

Apple Users: The nose-in-the-air attitude sucks. If someone's using a Windows PC, they really care less about why they should use a Mac. Although Macs are great at many things, the fact is a fair amount of software doesn't work on a Mac, software that for one reason or another is used by the owner.

*NIX users: If you like your OS, and use it with no problem. Great. Have fun with that.

So, for all of those that want to trumpet for their prefered OS, remember one thing:

Those in glass houses shouldn't throw stones. ALL OS's have their pros and cons. None are perfect.

So, can we nock it off?

[dandz56]

This country needs Hack Heroz !

Nail the CEO's of Banks,Insurance company's & Politicians behind it all ! Return the monies [ Robin Hood style] to those that have been robbed !

These people have been untouchable ! [ but , you guys have left them alone - you hack their company's maybe , but that just hurts their customers. Go after THE actual EVIL !

YOU could become the next National Heroz ! [?]