Back up data early and often, experts warn

April rains brought more than May flowers -- they carried an onslaught of new Internet security weaknesses, according to a report issued today from the SANS Institute.

The second quarter of 2005 saw 422 new security vulnerabilities, the latest SANS Top 20 Most Critical Internet Vulnerabilities list states.

That figure is up 10.8 percent from the 381 in the first quarter of 2005 and almost 20 percent higher than the 352 found in the second quarter of 2004, SANS said.

"It is important to draw people's attention to these vulnerabilities because they could result in severe consequences if not properly resolved," said Marc Willebeek-LeMair, chief technology officer at TippingPoint, a division of 3Com that led the SANS vulnerability assessment team.

A disturbing new trend is the number of vulnerabilities in best-selling data-backup products from Veritas and Computer Associates, according to the report.

“These products have become easy targets for attackers and since they have access to substantially all data, their weaknesses cause real danger,” SANS said.

Microsoft Internet Explorer, a favorite of attackers, has many new weaknesses, the report says. The increase in popularity of open-source Mozilla and Firefox browsers have led to more new vulnerabilities in those programs, it states.

Computer users also face danger from supposedly innocuous sources as well, SANS said. New weaknesses in RealPlayer and iTunes can hand over a user’s system to outsiders, the report warns.


  • People
    2021 Federal 100 Awards

    Announcing the 2021 Federal 100 Award winners

    Meet the women and men being honored for their exceptional contributions to federal IT.

  • Comment
    Diverse Workforce (Image: Shutterstock)

    Who cares if you wear a hoodie or a suit? It’s the mission that matters most

    Responding to Steve Kelman's recent blog post, Alan Thomas shares the inside story on 18F's evolution.

Stay Connected