I’m sure you’ve noticed the usual plethora of “studies” about 2009 erupting from various security vendors. Some are good, some are barely concealed pitches for product.
Looking over about a dozen of the above, I gleaned some significant facts that might be useful to both admins and auditors:
Social Networks have seen significant increases in malware.
Small to medium businesses are being heavily targeted with specific software written to capture banking information such as usernames, passwords, screenshots and even scan hard drives for sensitive information. These customized trojans are for sale on the DarkWeb.
And my forensic peers are discussing the idea that there will be an increase of forensic examinations on mobile devices, given that banks are starting to release programs that allow purchases and bank access from mobile phones.
Is anyone besides me thinking that banking on mobile phones is a Really Bad idea?