The Year of the Sandbox

As predicted by researcher Dino Dai Zovi in these pages in January, 2010 turned out to be the year of the sandbox. Attackers for years have been focusing their attention on browsers and other Web apps and using them as jumping off points for further attacks on compromised PCs. Vendors finally began to take notice and implement sandboxes in their products.

As predicted by researcher Dino Dai Zovi in these pages in January, 2010 turned out to be the year of the sandbox. Attackers for years have been focusing their attention on browsers and other Web apps and using them as jumping off points for further attacks on compromised PCs. Vendors finally began to take notice and implement sandboxes in their products. The technology prevents attackers from using bugs in the browser or Reader to break out of that application and move to another app or the operating system itself. Google added a sandbox to its Chrome browser; Adobe released Reader X, which includes an integrated sandbox; and Google and Adobe teamed up to implement a sandboxed version of Flash in Chrome, as well. Microsoft has had a limited sandbox, known as, in Internet Explorer for some time and many customers and researchers applauded Adobe’s and Google’s moves to bring the technology to bear as well.

Suggested articles

2020 Cybersecurity Trends to Watch

Mobile becomes a prime phishing attack vector, hackers will increasingly employ machine learning in attacks and cloud will increasingly be seen as fertile ground for compromise.

Top Mobile Security Stories of 2019

Cybercrime increasingly went mobile in 2019, with everything from Apple iPhone jailbreaks and rogue Android apps to 5G and mobile-first phishing dominating the news coverage. Here are Threatpost’s Top 10 mobile security stories of 2019.