
Sample of attacks in the first half of 2011

A small sample of attacks from the first half of 2011 alone includes:
  • The SQL injection attacks on the Sony Music web sites in May 2011 by the LulzSec group. While unconfirmed by Sony, it is also believed that SQL injection vulnerabilities were responsible for the attacks against the Sony PlayStation Network and Qriocity that leaked the private data of 77 million users and led Sony to shut down the services for over a month. The overall cost of this breach to Sony has been estimated to exceed 171 million US dollars.
  • A cross-site scripting vulnerability in the Android Market, discovered in March 2011, that allowed attackers to remotely install apps onto users' Android devices without their knowledge or consent.
  • The attack on the information security firm HBGary Federal in February 2011 by the hacker group Anonymous. Another simple SQL injection vulnerability in the www.hbgaryfederal.com web site, combined with a poorly implemented use of a cryptographic hash function (the passwords were stored as unsalted hashes of a fast algorithm, so the leaked hashes could be reversed by lookup), enabled Anonymous to extract the company officers' usernames and passwords, which in turn let them read the officers' confidential internal e-mails.
    • The CEO of HBGary Federal resigned from the company shortly thereafter, citing a need to "take care of his family and rebuild his reputation."
None of these attacks was stopped by the sites' firewalls. Yet IT security budgets still focus primarily on firewall defenses. This is puzzling, since a network firewall does almost nothing to prevent a web application attack: the malicious request arrives on the same port (80 or 443) as every legitimate request and is, to the firewall, ordinary HTTP traffic. You cannot use a firewall to close off the ports from which the web application is served, because then nobody could reach your web site. Organizations spend billions of dollars a year on advertising to get people to come to their sites; they are certainly not going to wall them off with firewalls.
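The HBGary item above describes two defects compounding each other: a string-built SQL query that let attackers read the credential table, and passwords hashed with a fast, unsalted function so the leaked hashes could be reversed by lookup. The following is an added example that is not from the book or from this post; the accounts, passwords and word list are constructed for the demo, and the search feature, table layout and function names are hypothetical. It shows the injectable query beside its parameterised replacement, a UNION payload that pulls the hash column out through the search field, a lookup-table crack of the unsalted hashes, and a salted, iterated verifier (PBKDF2) that the same table cannot touch.

```python
import hashlib
import hmac
import os
import sqlite3

# Constructed sample accounts for the demo (hypothetical, not real credentials).
USERS = [("alice", "letmein"), ("bob", "summer2011")]
# Constructed "dictionary" an attacker would precompute hashes for.
WORDLIST = ["123456", "password", "letmein", "summer2011", "qwerty"]
PBKDF2_ROUNDS = 200_000


def setup_db():
    """In-memory users table holding both a weak and a hardened verifier."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, md5 TEXT, salt BLOB, dk BLOB)")
    for name, pw in USERS:
        weak = hashlib.md5(pw.encode()).hexdigest()   # unsalted, fast: lookup-crackable
        salt = os.urandom(16)                          # per-user random salt
        dk = hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, PBKDF2_ROUNDS)
        conn.execute("INSERT INTO users VALUES (?, ?, ?, ?)", (name, weak, salt, dk))
    conn.commit()
    return conn


def search_vulnerable(conn, term):
    """User search built by string concatenation: the input becomes SQL text."""
    sql = "SELECT name FROM users WHERE name LIKE '%" + term + "%'"
    return [row[0] for row in conn.execute(sql)]


def search_safe(conn, term):
    """Same feature with a bound parameter: the input is only ever data."""
    sql = "SELECT name FROM users WHERE name LIKE ?"
    return [row[0] for row in conn.execute(sql, ("%" + term + "%",))]


# UNION payload: closes the LIKE literal, appends the md5 column to the
# result set, and comments out the rest of the original query.
PAYLOAD = "' UNION SELECT md5 FROM users --"


def crack_unsalted(hashes, wordlist):
    """One precomputed table reverses every unsalted MD5 at once."""
    table = {hashlib.md5(w.encode()).hexdigest(): w for w in wordlist}
    return {h: table[h] for h in hashes if h in table}


def verify_salted(conn, name, guess):
    """Salted, iterated verifier: every guess costs a full PBKDF2 run for
    that one user, so no shared lookup table helps the attacker."""
    row = conn.execute("SELECT salt, dk FROM users WHERE name = ?", (name,)).fetchone()
    if row is None:
        return False
    salt, dk = row
    candidate = hashlib.pbkdf2_hmac("sha256", guess.encode(), salt, PBKDF2_ROUNDS)
    return hmac.compare_digest(dk, candidate)


if __name__ == "__main__":
    db = setup_db()
    leaked = search_vulnerable(db, PAYLOAD)
    hashes = [h for h in leaked if len(h) == 32]
    print("leaked through search:", leaked)
    print("cracked by lookup:", crack_unsalted(hashes, WORDLIST))
    print("same payload, bound parameter:", search_safe(db, PAYLOAD))
    print("salted verifier, right password:", verify_salted(db, "alice", "letmein"))
```

The payload is nothing more than the text of an ordinary search parameter sent over HTTP on port 80 or 443, which is exactly the traffic a network firewall has to let through; the fix lives in the application (bound parameters, and salted, iterated password hashing), not at the perimeter.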


Resource:
  • Web Application Security, A Beginner's Guide, by Bryan Sullivan and Vincent Liu.
