NEW YORK - As people heed warnings to install the latest security updates for Microsoft Corp.'s Windows operating systems and Internet Explorer browsers, researchers say hackers have been shifting their focus to applications that are harder to protect.
The SANS Institute's annual list of top Internet security threats includes a separate category for "cross-platform applications" for the first time.
Data-backup programs, media players and anti-virus software were added to the list, joining instant messaging and file-sharing applications before listed under Windows threats.
Full article here.

This SANS Top-20 2005 is a marked deviation from the previous Top-20 lists. In addition to Windows and UNIX categories, we have also included Cross-Platform Applications and Networking Products. The change reflects the dynamic nature of the evolving threat landscape and the vulnerabilities that attackers target. Unlike the previous Top-20 lists, this list is not "cumulative" in nature. We have only listed critical vulnerabilities from the past year and a half or so. If you have not patched your systems for a length of time, it is highly recommended that you first patch the vulnerabilities listed in the Top-20 2004 list.
SANS Top-20 2005

So if you're running popular software packages, stay alert...

Peace always,
<jdenny>