7. Sniffing passwords on the network
Since the most of the internet traffic is not encrypted it’s really easy to sniff for user logins, passwords and the rest of their communication. The only way to protect your online privacy is to encrypt all sensitive communication channels. That’s sounds easy, isn’t it? But there’s one problem – encryption must be supported by server. However many servers on the web supports encryption for login page, but an entire communication encryption is still missing.
Google cares about users privacy and supports the SSL encryption
There are many services providing a full encryption, but your communication is encrypted just between you and encryption server provider, so all communication is readable between encryption server and the destination.
Useful information:
http://en.wikipedia.org/wiki/Packet_sniffer
http://www.hackernotcracker.com/2007-04/using-virtual-private-networking-vpn-to-avoid-packet-sniffinganalysis-and-data-theft.html
8. Too many private information in web application profiles
Today you can see a really interesting trend on the web. In the past there was really big concerning by users about online privacy and security, today there are millions of people on social networks. Everyday web is growing by the tons of private information exposed on the web and seems like nobody cares. The attackers can easily harvest a lot of information about many users and they can steal their online accounts (e-shops, banks and other services). Everything can be automated and attackers would make the targeted attacks on specific groups of users.
Top 10 threats on the web 1 of 5
Top 10 threats on the web 2 of 5
Top 10 threats on the web 3 of 5
Top 10 threats on the web 4 of 5
Top 10 threats on the web 5 of 5