Top Six Database Attacks

Thursday, May 8th, 2008

It takes the average attacker less than 10 seconds to hack in and out of a database -- hardly enough time for the database administrator even notice the intruder. So it’s no surprise that many database attacks go unnoticed by organizations until long after the data has been compromised. And surprisingly, ...

SQL Injection Worm on the Loose

Wednesday, May 7th, 2008

A loyal ISC reader, Rob, wrote in to point us at what looks to be a SQL Injection worm that is on the loose.  From a quick google search it shows that there are about 4,000 websites infected and that this worm started at least mid-April if not earlier.  Right ...

Microsoft offers assistance to combat mass SQL injection

Monday, April 28th, 2008

Microsoft has provided security advice to web developers using its products after many such sites were compromised. Last week, hundreds of thousands of web pages were infected with a malicious iframe which tries to infect visitors with a trojan. Many high profile sites including the United Nations (un.org), the UK ...

Lateral SQL Injection

Saturday, April 26th, 2008

How can an attacker exploit a PL/SQL procedure that doesn’t even take user input? Or how does one do SQL injection using DATE or even NUMBER data types? In the past this has not been possible but as this paper will demonstrate, with a little bit of trickery, you can ...

Mass SQL injection

Thursday, April 24th, 2008

There's another round of mass SQL injections going on which has infected hundreds of thousands of websites. Performing a Google search results in over 510,000 modified pages.

Deciphering the PHP-Nuke Captcha

Monday, April 21st, 2008

The Captcha used in the current version 8.1 of PHP Nuke can be deciphered with 100% accuracy. more information can be found here: http://www.rooksecurity.com/blog/?p=6 Exploit Code: http://www.rooksecurity.com/exploits/php_nuke_captcha.zip What is so interesting about this captcha is that it is incredibly wide spread. Variants of this captcha are being used by big names like Paypal. ...

The Snare Of Unauthorized Requests

Monday, April 21st, 2008

Almost everyone knows what CSRF or better unauthorized requests are. I never really embraced CSRF as the correct term for unauthorized request issues, because the term is outdated and inadequate to contemporary hacking. For me, an unauthorized request is the layer or automation of a hacking procedure without direct interference ...

Details of privilege escalation hole in Windows

Monday, April 21st, 2008

In a security alert last week, Microsoft reported a vulnerability which allows local users and users signed on with access to an Internet Information Server (IIS) or MS SQL server to escalate their privileges. Server operators such as hosting providers who allow user code to be executed, for example on ...

Vulnerability in Windows Could Allow Elevation of Privilege

Friday, April 18th, 2008

Microsoft is investigating new public reports of a vulnerability which could allow elevation of privilege from authenticated user to LocalSystem, affecting Windows XP Professional Service Pack 2 and all supported versions and editions of Windows Server 2003, Windows Vista, and Windows Server 2008. Customers who allow user-provided code to run ...

SANS solves mystery of mass Web site infections

Thursday, April 17th, 2008

The SANS Institute has uncovered what they've termed a "rare gem" as far as computer security investigations go that sheds new light on how up to 20,000 Web sites have been hacked since January. They found a sneaky software tool that uses Google's search engine to hunt for Web sites running ...