Top 25 Most Dangerous Programming Errors brought into use by Cyber-criminals

Date: February 22, 2010
Source: Homeland Security Today
By: Phil Leggiere

A small number of common software programming errors are responsible nearly every major type of cyber attack, from the recent intrusions at Google, to disruptions and breach of network security at numerous utilities and government agencies, according to a new report published last week by two non-profit technology research organizations.

The researchers divided the Top 25 risky software errors into three high-level categories: insecure interaction between Components, risky resource management and porous defenses.

The report, jointly put together by SANS (SysAdmin, Audit, Network, Security) Institute and Mitre, identified 25 frequent coding errors putting mission critical systems at risk, enabling security bugs, cyber espionage and cyber crime. It was complied with help from security analysts at a variety of organizations including the National Security Agency and the US Department of Homeland Security's National Cyber Security Division.
Original article

---

Add comment  Email to a Friend