The SANS Institute has released its 2005 Top-20 Internet Security Vulnerabilities and this year a new category - Cross Platform Applications - takes the spotlight. Of particular concern and new to the list this year is backup software which often deals with a company’s or individual’s most sensitive data.
Four years ago, the SANS Institute and the National Infrastructure Protection Center (NIPC) at the FBI released a document summarizing the Ten Most Critical Internet Security Vulnerabilities. Thousands of organizations used that list, and the expanded Top-20 lists that followed one, two, and three years later, to prioritize their efforts so they could close the most dangerous holes first. The vulnerable services that led to worms like Blaster, Slammer, and Code Red have been on these lists.