SQL attacks lob onto tennis association Web site

Search for software:

DISCLAIMER: Logging other people's keystrokes or breaking into other people's computer without their permission can be considered illegal by the courts of many countries. The monitoring software reviewed here is ONLY for authorized system administrators and/or owners of computers. We assume no liability and are not responsible for any misuse or damage caused by the keylogging software. The end user of this software is obliged to obey all applicable local, state, federal and other laws in his country of residence.

July 04th, 2008

SQL attacks lob onto tennis association Web site

Visitors to the Association of Tennis Professionals Web site have potentially been infected with spyware after apparent lax security allowed a malicious script to be injected across its pages.

The SQL injection attack acts as a conduit for spyware and Trojans to be downloaded to victims' machines.

While the manner of attack is nothing new, Microsoft's Technet warned it has detected an increase in the type of attack on Web sites using Microsoft ASP and ASP.NET.

It attributes the vulnerability to poor Web application security practices, rather than product flaws.

"These SQL injection attacks do not exploit a specific software vulnerability, but instead target Web sites that do not follow secure coding practices for accessing and manipulating data stored in a relational database," the site reads.

"When a SQL injection attack succeeds, an attacker can compromise data stored in these databases and possibly execute remote code. Clients browsing to a compromised server could be forwarded unknowingly to malicious sites that may install malware on the client machine."

Sophos principal virus researcher Fraser Howard said the attack, which commenced in June, sought to capitalize on the popularity of this year's Wimbledon grand slam.

"The hackers responsible for this attack don't care what sites they infect, so long as there is a stream of potential victims likely to surf across the Net, straight into their trap. The ATP website is just one of many sites to have been exploited by hackers trying to steal information from innocent internet users," Howard said.

"With the Wimbledon tournament taking place at the moment, the ATP website will be receiving a spike in visitors - but any tennis fan visiting the infected pages on the site risks being served straight into a crook's criminal racket."

Source: NetworkWorld

	All news for July 03rd, 2009:
	15:20	Virus Bulletin names top spam blockers
	15:18	Hackers take aim at ColdFusion development tool
	15:17	Judge overturns MySpace bullying conviction
	15:07	Google sees new spam players on the horizon
	15:03	PayPal techies hit fraudsters where it hurts
	14:58	Chinese web filter doesn't work on Macs
	14:55	Lenovo, Acer, Sony sued over China web filter
	14:54	Sharapova, Serena Williams used to spread malware
	14:54	Michael Jackson X-file scam steals passwords
	14:52	Waledac worm targeting July 4 spam offensive
	14:51	Met Police signs identity management deal
	14:48	Conficker: Forgotten but not Gone
	14:45	SmartGate hits Sydney Airport
	14:44	Court orders spammers to pay $3.7 million
	14:43	'Jailbroken' iPhones leave users more vulnerable
	All news for July 02nd, 2009:
	15:13	Conficker cost Manchester council £1.5m
	15:13	Unisys puts stealth into the cloud
	15:12	Postini: Google's take on e-mail security
	15:10	Rally the troops for war on cyber crime
	15:09	Q&A: Jerry Thompson - BT Business director of business products and online
	15:07	Mozilla slates first Firefox 3.5 patch
	15:05	Apple patching serious SMS vulnerability on iPhone
	15:03	Security guard charged with hacking hospital systems
	15:01	Chinese security company shares huge malware database
	15:00	Facebook simplifies privacy settings, calls them too complex
	14:59	Lawsuit seeks refund for Clear subscribers
	14:58	TSA asked to ensure safety of customer data after Clear closing
	14:56	Microsoft to push IE8 at businesses next month
	14:54	Google: Spammers regroup after ISP takedowns
	14:52	We're serious about cybersecurity this time, says U.S. official

All news for July, 2009
All news for 2009 year
All news for 2008 year
All news for 2007 year
All news for 2006 year
All news for 2005 year
All news for 2004 year

DONATION: www.Anti-Keylogger.Org and www.Keylogger.Org is an independent research projects supported by a team of enthusiasts. If you find this project useful and would like to help foster its continued development, please consider making a donation.

Thanks in advance for your support!


	July 01st, 2009 Handy Keylogger added! more

Spector Pro 2009 - MySpace + Facebook Activity


	July 03rd, 2009 Virus Bulletin names top spam blockers more Hackers take aim at ColdFusion development tool more Judge overturns MySpace bullying conviction more Google sees new spam players on the horizon more PayPal techies hit fraudsters where it hurts more Chinese web filter doesn't work on Macs more Lenovo, Acer, Sony sued over China web filter more Sharapova, Serena Williams used to spread malware more Michael Jackson X-file scam steals passwords more Waledac worm targeting July 4 spam offensive more Met Police signs identity management deal more Conficker: Forgotten but not Gone more SmartGate hits Sydney Airport more Court orders spammers to pay $3.7 million more 'Jailbroken' iPhones leave users more vulnerable more


We are planning to redesign our site. We would like You to express your opinion in this respect. Would you like to leave the site as it is? What changes would you like to suggest?
	Yes, I like the site as it is.
	It's ok, but some changes are necessary.
	It should be changed completely.


Top	\| home \| testing and reviews \| testing policy \| press_releases \| developers \| \| articles \| contest \| chat \| forum \| sponsorship & services \| contacts \| links \|	Top