Dave Marcus has more than twelve years of technical experience in information security, and network and host ...
Social networking sites and technologies are among the hottest happenings on the Internet. However, in this case every benefit comes with an equal danger: These sites and technologies are also huge targets for cybercriminals. One of McAfee Labs senior researchers, Anthony Bettini, has written an excellent whitepaper on the subject. Social Networking Apps Pose Surprising Security Challenges details some of these areas of concern. I’ll let Tony tell the story:
As social networking gains users, it will increasingly be targeted by attackers, just as instant messaging and other media have been. For an interesting view on how platform prevalence draws attackers like bees to pollen, see the IEEE article “When Malware Attacks (Anything but Windows).” One popular technology ripe for exploitation in social network applications is the “mashup.” (Wikipedia: “A mashup is a web page or application that uses or combines data or functionality from two or many more external sources to create a new service.”) From the perspective of an application provider such as Google, mashups allow their applications””for example, Google Maps””to become more widely used and embedded within other new applications, like Yelp or the iPhone operating system. However, as we’ll soon see, attackers have also been using mashups to their advantage.
Download and share this excellent paper with all the people you know who use social networking sites and technologies. The dangers are real–but with education, action, and proper security we can successfully manage them.