2014: The Top 3 Threats

Incapsula, a top provider of website and web application security, recently posted a blog on the top three threats of 2014, with an accompanying infographic. As a provider of web security services, they have access to a wide view of the threat landscape. The top three vulnerabilities are listed as follows with a short description of each:

  • HeartBleed, an OpenSSL bug that allows an attacker to access information from a client or server’s memory.
  • Shellshock, allows attackers to take control of the server, enabling them to steal files, delete information, download malware, and execute DDoS attacks.
  • POODLE, affects SSL encryption technology allowing an attacker to trick computers into sharing sensitive data.

These three threats top Incapsula’s list because unlike most – they are specific to a particular OS, browser, or software application. As a result, these mega-vulnerabilities can affect almost anyone.

2014-mega-vulnerabilities

Incapsula’s Infographic on the top 3 threats of 2014

Click here to view the Incapsula blog post. For more information on HeartBleed and Citrix, take a moment to read the Technical Update Bulletins posted by Mark Ma earlier this year:

Citrix and HeartBleed 

CitrixOnline Go-To-xxxx and HeartBleed