1、Source:Google Online Security Bloghttp:/ websitesMalware originSecurity index had consistently outperformed NASDAQSource:Cowen and Company,RSA 2007DateMajor Security Events within Past Two Months2007.5.11nGoogle published The Ghost in the Browser research in Hotbots 07(with Usenix)which states that
2、more than 10%of all on Google indexed wetbsites have been hacked and contain malware,spyware,or malicious code2007.5.15nOWASP published the OWASP Top 10 2007(the first time since 2004);Cross-site Scripting vulnerability climbed to#12007.5.29nGoogle announced acquistion of GreenBorder(a browser-based
3、 security solution)to jumpstart into web application security space2007.6.1.nGoogle starts flagging malicious website warning users not to enter2007.6.6.nIBM acquired penetration testing company Watchfire to step into Web security space2007.6.18.nPenetration testing company Cenzic approved U.S.paten
4、t on fault-injection technology,starting a new wave of hot debate in Web security2007.6.19.nHP acquired penetration testing company SPI Dynamics to enter into web security space,competing with IBM2007.6.30.nPCI includes code review for PCI compliance v1.1,mandatory in 20082007.7.9.nGoogle acquired online email security Postini for US$625 million in cash,aggressively entering into online enterprise security space