Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

SQL injection attacks increase botnet population

Global Secure Systems (GSS) : 20 May, 2008  (Technical Article)
GSS advises bolstering web application security in light of increased SQL injection attack activities designed to add legitimate web sites to the increasing population of botnets
Global Secure Systems (GSS) has warned companies to review their security protection following the arrival of the Asprox Botnet on the scene.

'Asprox is more than just another piece of Botnet malware as it's what we call a hybrid. It uses an SQL-injection attack tool that attacks legitimate Web sites, and so adding to the overall Botnet swarm,' said David Hobson, GSS' managing director.

According to Hobson, whilst botnets and SQL injection Web site attacks are nothing new, the fact that someone has developed a malware infection that combines the two darkware vectors highlights the growing ingenuity of the hacker community.

'The fact that hackers are going down this route is not due to altruism. Most botnets are perpetrated these days by criminal gangs who re after your company's money. And if they can't get your money, they'll use your computers, damaging your reputation in the process -it's a simple as that,' he said.

Hobson went on to say that the rapid evolution of multi-vector darkware like Asprox means that companies should now look seriously at multi-vendor and/or multi-layered IT security protection.

'The days when forms could install a single security system on their IT resources are now long gone. Companies need to review their IT security system on a regular basis and talk to their reseller about enhancing their systems to deal with the latest threats,' he explained
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo