Information Security - GoSecure

• About this group
• Forums

• Home
• Groups
• Information Security - GoSecure
• Forums
• Links, Publications, Research, Presentations and/or Events
• Practical Analysis: The Fastest-Growing Security Threat

• 
  Ann Liu    Group moderator

  The company name is only visible to registered members.

  10 Nov 2009, 11:51 am

  Practical Analysis: The Fastest-Growing Security Threat

  Hi Everyone,
  
  Few things make a CIO's eyes glaze over like the mere mention of SQL injections. Unless they cut their teeth in security or SQL programming, chances are that the folks who control the purse strings don't understand these increasingly common attacks. That's a real issue because you're probably making decisions that could exacerbate the problem.
  
  So just how big is the problem? The number of SQL injection attempts has gone from a few thousand a day just last year to more than half a million a day now, according to IBM's ISS X-Force. The bad guys are using automated tools to find out where SQL injection is possible, evaluating the sites for the best exploitation possibilities. These bad guys are really bad. They aren't looking to be disruptive; they're looking to steal credit card numbers and identities for profit.
  
  http://www.informationweek.com/news/security/vulnerabilities...
  
  
  Thank You.
  
  Ann Liu
  MarketingbyAnn Co., Ltd
  http://www.marketingbyann.net
  
  Ann Liu wrote: > Hi Everyone, > > Few things make a CIO's eyes glaze over like the mere mention of SQL > injections. Unless they cut their teeth in security or SQL > programming, chances are that the folks who control the purse strings > don't understand these increasingly common attacks. That's a real > issue because you're probably making decisions that could exacerbate > the problem. > > So just how big is the problem? The number of SQL injection attempts > has gone from a few thousand a day just last year to more than half a > million a day now, according to IBM's ISS X-Force. The bad guys are > using automated tools to find out where SQL injection is possible, > evaluating the sites for the best exploitation possibilities. These > bad guys are really bad. They aren't looking to be disruptive; > they're looking to steal credit card numbers and identities for > profit. > > http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=221600488 > > > Thank You. > > Ann Liu > MarketingbyAnn Co., Ltd > www.marketingbyann.net