Hopefully, dear readers, you are not among those many organizations which are currently undergoing sustained attack of their websites by the suddenly expanding iframe vulnerability designed to infect users computers from cached search results.

As the obvious, or easy, attack vectors are being slowly eliminated in web server operating systems and web services, these sorts of attacks are becoming increasingly common and probably represent the next wave of significant threats. They're going to be difficult to combat for traditional security staff, because they are oriented more toward the organization's clients or customers than internal technology assets. Dealing with such vulnerabilities requires a substantially different mindset and core mission and it remains to be seen how quickly IT departments (which have thus far shown amazing flexibility in responding to threats) will adapt.

• Securing Your Server with ADT Security
• Does Your Company Need A Chief Security Officer (CSO)?
• Go on the attack, Google!
• ETrade Puts a Stake in the Ground But The Cost of End User Security Has a Price TBD For Some