Jun 27
Friday, June 27th, 2008
Over the past six months, millions of Web pages have been hacked and seeded with malicious software, and in a great many cases the sites were hacked because their curators failed to put in place even basic database security measures. In most of these compromises, the hackers broke in using an attack called SQL injection. Rather than attacking specific software security vulnerabilities, SQL injection attacks target configuration weaknesses in the database layer of the site’s Web application, be it ASP, CGI, or PHP. While most SQL attacks are automated with the help of scanning tools, SQL attacks can be carried out using nothing more than a Web browser. An injection vulnerability most commonly exists when a site accepts input from a visitor — such as through a search or login box — but fails to filter out potentially harmful instructions, non-standard characters or computer code. Successful SQL attacks can [...]
Read more…
Posted in News, Spam | No Comments »
Jun 26
Thursday, June 26th, 2008
Adobe has issued a security update for its Adobe Acrobat and free Adobe Reader applications. The patch plugs a critical flaw that Adobe said attackers could leverage to take control of a vulnerable system. The latest update, available here for both Microsoft Windows and Mac OS X systems, applies to the most recent versions of Acrobat and Reader (v. 8.1.2). It also plugs the vulnerability in the following Adobe products: -Adobe Reader 7.0.9 and earlier -Adobe Acrobat Professional, 3D and Standard 8.0 through 8.1.2 -Adobe Acrobat Professional, 3D and Standard 7.0.9 and earlier If you have any of these products installed, take a moment now to update them. As the SANS Internet Storm Center rightly notes, malicious software writers have traditionally been quick to incorporate critical Adobe vulnerabilities into their creations, so it’s probably best not to let any grass grow under your feet on this one.
Read more…
Posted in News, Security, Spam, Spyware, Virus | 1 Comment »
Jun 26
Thursday, June 26th, 2008
(Un)happy Talking
Citizens of the Marshall Islands in the South Pacific have been left without a functioning email systems following a denial of service attack on the country’s sole ISP.…
Read more…
Posted in News, Security, Spam, Virus | No Comments »