Over the next year, we will see increased threat activity in the following areas: Phishing Phase II: 
a continued assault on personally identifiable information through web and application server manipulations; Attacks on the network infrastructure itself; Web services attacks; Mobile services exploits. As always, these threats will exploit human weakness: the failure to patch vulnerable systems, whether servers, routers or switches, quickly enough.
Phishing Phase II: Spyking takes over
When you drink a very powerful tropical cocktail it usually tastes like harmless fruit juice though admittedly very good. However, you soon discover that the alcohol inside could knock out an elephant. This is called spiking a drink. and it’s the same with the latest phishing attacks. You think you are responding to a web query on a known server (the innocent fruit juice) when actually you have been redirected to a phishing site (the alcohol) by the good site. As we all know by now, phishing attacks require the absolute believability of an official-looking request. The first generation of anti-phishing attacks used spoofed email to create the aura of believability. However, we have been warned so many times not to trust email that we apply much greater scepticism to it. Threat Landscape For The Future - IT Observer
From around the Web
- How to Use Network Behavior Analysis Tools
- Apple updates Safari with 11 security fixes
- Mozilla fixes 11 Firefox flaws, six critical
- Google updates Chrome to third beta
- Firefox 3.1 beta arrives with JavaScript booster turned off
- The insider security threat in IT and financial services
- Windows 7 security: An overall improvement?
- Top 10 Network Security Threats
- Big leap in malicious Web sites
- Network security makes a quantum leap
- What is the Best Internet Browser to Surf the Web?
- Windows 7 UAC could be less of a nag
- Microsoft releases faster Desktop Search 4.0
- Vista users keen on SP1, but XP SP3 not so much
- Windows 7 Details In October, Microsoft Says