Massive website compromises using a technique known as SQL injection has long been a top security concern for Web developers and site owners. Now, the attacks may become harder to detect and prevent, according to one security firm's analysis.
Web security firm announced that it had detected a new type of mass SQL injection attack that uses a simple form of peer-to-peer networking to make the compromised network hard to take down. Historically, mass web attacks are simple: Code written in the structured query language (SQL) is sent to the back-end web database using a vulnerability in the site's code. When the security flaw is in a common application, the attack can compromise thousands of sites at the same time.
In the latest version of the attack, rather than injecting sites with a single static script that points visitor browsers to a handful of malicious download sites, the attackers create a dynamic script that sends visitors to a previously compromised Web server. The new technique makes blacklisting much harder, says Wayne Huang, president and chief technology officer of Armorize.
WyseLabs Internet Marketing Forum :: Start Sharing
A Dedicated Room for Testing, Experimenting, Listing & Discussing Internet Marketing Innovation
Researchers warn of mass 'meshing injection' attack
Moderator: Moderators
1 post
• Page 1 of 1
Researchers warn of mass 'meshing injection' attack
by sathish.k » Mon Jun 20, 2011 12:09 pm
Thanks & Regards,
Sathish
Sathish
- sathish.k
- Posts: 111
- Joined: Fri Aug 08, 2008 1:18 am
1 post
• Page 1 of 1
Return to Online Ideas, Innovation & Cool Sites
Who is online
Users browsing this forum: No registered users and 4 guests
Powered by phpBB® Forum Software © phpBB Group