
SQL Infection Hits Over 500K Webpages, Infiltrates DHS And UN


Update: On the company’s IIS blog, Microsoft’s Bill Sisk denies that MS SQL Server technology has any association with the SQL vulnerability described below.

SQL, one of the most widely utilized server technologies today, is going through a particularly rough time. According to Dan Goodin of The Register, a “sophisticated mass infection that is injecting code into hundreds of thousands of reputable webpages is growing and even infiltrated the website of the [U.S.] Department of Homeland Security.”

As of Friday, some 520,000 pages had been catalogued by Google as contaminated, with victims including sites operated by the U.S. government, the United Nations, and the UK Civil Service, among others. As for the vulnerability of particular SQL database products, both MySQL and PostgreSQL “are less easily fooled,” says researcher Ronald van den Heetkamp. Because the SQL infection consists mostly of hex code, which partially obscures its true identity, Microsoft SQL is apparently particularly susceptible to infiltration.

The response to the SQL hack has been quick-footed, particularly on the governmental front. Homeland Security spokeswoman Amy Kudwa said that security specialists “scrubbed the page clean the same day it got infected and took steps to make sure the same attack couldn’t succeed against other parts of the DHS website.”

No word has been offered as to the identity of the attackers, but the methodology employed, according to Jeremiah Grossman, CTO of WhiteHat Security, shows that they had effectively obtained a “skeleton key” for the Web systems used by various companies and organizations.

(Image source: The Register)



Comments

[...] another nice blog post (although it’s SQL Injection, not a SQL Infection) that talks about this current outbreak and [...]
