iTnews
  • Home
  • News
  • Technology
  • Security

Experts warn of surge in zero-day flaws

By Clement James
Nov 21 2006 10:40AM
Follow google news

Sans Institute urges 'least privilege environment' to beat attacks.

Experts warn of surge in zero-day flaws
Security experts at the Sans Institute warned last week of a major surge in zero-day flaws as part of its 2006 update to the Top 20 Internet Security Attack Targets list.

The report advises implementation of a "least privilege" environment to reduce the impact of such attacks.

Marco Peretti, chief technical officer at security firm BeyondTrust, agreed with the findings of the Sans Institute, urging users to follow the "principle of least privilege" in setting user access controls, permissions and rights.

Peretti also suggested restricting or limiting the use of active code such as JavaScript or ActiveX in browsers.

Companies using Microsoft's Active Directory should take maximum advantage of Group Policy Objects to control user access, and should not rely on antivirus protection alone since zero-day attacks are often not detectable until new signatures are released.

"A zero-day vulnerability is a known flaw in software that does not have a patch available," said Marc Sachs, director of the Sans Internet Storm Centre.

"In 2006 we have seen a significant rise in attacks that take advantage of zero-day vulnerabilities, leaving a user or system unable to defend against the attack since no patch is available."

This type of application-level attack is very hard to prevent with traditional flow-based schemes such as intrusion detection systems and firewalls.

Likewise, consumer-oriented security solutions such as antivirus software cannot usually detect the initial outbreak of a zero-day exploit attack.

"When users and applications are given more privileges than necessary, organisations expose themselves to threats such as malware and data theft no matter what defence they have in place," warned Peretti.

"A huge security problem that Windows enterprises face is that many users must be given administrative privileges in order to run required applications.

"However, as we have seen, administrative privileges are easily exploited by zero-day threats and malicious users. So you have to ask yourself if you trust your existing security defences."

Add iTnews as your trusted source

Add iTnews As Your Trusted Source Add iTnews As Your Trusted Source
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
expertsflawsinofsecuritysurgewarnzeroday

Related Articles

  • Marathon OAIC investigation finds Optus breached 51,000 customers' privacy Marathon OAIC investigation finds Optus breached 51,000 customers' privacy
  • US gov shortens cyber fix window to three days US gov shortens cyber fix window to three days
  • Anthropic releases Mythos-class model for public use Anthropic releases Mythos-class model for public use
  • Apple bumps up security in fresh operating system releases Apple bumps up security in fresh operating system releases
Join our WhatsApp Channel

Partner Content

Scalable AI solutions: secure delivery
Scalable AI solutions: secure delivery
From test case to control tower: How DXC and ServiceNow are governing enterprise AI at scale
Promoted Content From test case to control tower: How DXC and ServiceNow are governing enterprise AI at scale
Intelligence × Trust: the equation that will decide Australia's AI winners
Promoted Content Intelligence × Trust: the equation that will decide Australia's AI winners
Take control of your connectivity with Telstra’s Adaptive Networks Centre
Partner Content Take control of your connectivity with Telstra’s Adaptive Networks Centre

Sponsored Whitepapers

When cyber risk has no clear owner: A practical guide for senior Australian business leaders
When cyber risk has no clear owner: A practical guide for senior Australian business leaders
Agile in the AI Era: why projects still fail
Agile in the AI Era: why projects still fail
When Technology Becomes the Blocker: Unlocking Real Outcomes from AI and Cloud
When Technology Becomes the Blocker: Unlocking Real Outcomes from AI and Cloud
High-volume data sources for AI-driven security analytics
High-volume data sources for AI-driven security analytics
How healthcare organisations can get more value from cloud
How healthcare organisations can get more value from cloud

Events

  • iTnews State of Security Breakfast iTnews State of Security Breakfast
  • iTnews State of Data & AI Breakfast iTnews State of Data & AI Breakfast
  • Forrester's AI Forum Sydney Forrester's AI Forum Sydney
  • The 2026 iAwards The 2026 iAwards
  • Integrate 2026 Integrate 2026
Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Anthropic opens Claude Mythos Preview AI program to Australia

Anthropic opens Claude Mythos Preview AI program to Australia
Defence says Palantir is "sandboxed" in its environment

Defence says Palantir is "sandboxed" in its environment
Services Australia describes fraud, debt-related machine learning use cases

Services Australia describes fraud, debt-related machine learning use cases
Researchers build self-replicating AI worm with BYO LLM

Researchers build self-replicating AI worm with BYO LLM
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.