Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Large rise in SQL injection attacks in June

ScanSafe : 17 July, 2008  (Technical Article)
The trend for compromising legitimate web sites continued to gain momentum in June with SQL injection attacks seeing a significant rise
ScanSafe has found that en masse compromises of legitimate websites exploded in June, accounting for 66 percent of all malware it blocked and contributing to a 278 percent increase in Web-based malware for the first half of the year.

"The mass compromise of websites poses particular challenge to corporate users," said Mary Landesman, senior security researcher, ScanSafe. "The impacted websites are typically known, legitimate, and trusted sites with a business purpose. These are sites that users visit frequently and the attacks are so stealthy and unobtrusive, that most visitors don't know that they've been infected."

According to the latest ScanSafe Global Threat Report:.

1. Malware Increases 278 Percent: Web-based malware increased 278 percent as more and more legitimate sites including Wal-Mart, Business Week, Ralph Lauren Home and Race for Life were compromised. This widespread compromise of legitimate websites was largely the result of automated attack tools which became freely availably in the last months of 2007.

2. SQL Injection Attacks Outpace Other Attacks by 212 Percent: SQL injection attacks, an exploit in which the attacker adds Structured Query Language (SQL) code to a Web form input box to gain access to resources or make changes to data, have rapidly become the most common form of website compromise, outpacing all other types of compromise by 212 percent. In June, SQL injection attacks accounted for 76 percent of all compromised sites.

3. Password Stealers and Backdoor Trojans Most Commonly Blocked Malware—Putting Corporate Data at Risk: Most of the compromises attempt to install password stealers and backdoor Trojans. This category of malware increased from 4 percent of malware in January to 27 percent in June.

The ScanSafe Global Threat Report is a study of the more than 60 billion Web requests it scanned and 600 million Web threats it blocked from January through June 2008 on behalf of corporate customers in more than 60 countries across five continents. It represents the world's largest security analysis of real-world corporate Web traffic.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo