Web 2.0 Security Threats
The most recent issue of Current Cites highlights a report from the Secure Enterprise 2.o Forum entitled Top Web 2.0 Security Threats.
From the Current Cites description:
This report highlights several security vulnerabilities created by Web 2.0 applications. These include more familiar threats such as phishing, insecure authentication procedures, and insufficient measures taken to prevent automatic account creation/link spamming. Two of the more interesting flaws included were information leakage and information integrity, neither of which is a technical flaw. Instead, they are risks created by the fact that more and more of us are doing things online. 'Information leakage' refers to the accidental exposure of sensitive corporate information: the number of employees over time, or turnover at the managerial level. The report notes that by simply surfing sites like LinkedIn, competitors can easily aggregate information to put together a corporate profile. 'Information integrity' refers to the spread of misinformation, either intentional or accidental. Erroneous information posted to Wikipedia is perhaps the first example that comes to mind, but in the corporate world this could include bad information posted to a company intranet, or a slow growth of online misinformation that sets off rumors about a company within its industry."[Source: Current Cites]