|
|
 |
|
|
DISCLAIMER: Logging other people's keystrokes or breaking
into other people's computer without their permission can
be considered illegal by the courts of many countries.
The monitoring software reviewed here is ONLY for authorized
system administrators and/or owners of computers.
We assume no liability and are not responsible for any misuse
or damage caused by the keylogging software. The end user of
this software is obliged to obey all applicable local, state,
federal and other laws in his country of residence.
July 04, 2008
SQL attacks lob onto tennis association Web site
Visitors to the Association of Tennis Professionals Web site have potentially been infected with spyware after apparent lax security allowed a malicious script to be injected across its pages.
The SQL injection attack acts as a conduit for spyware and Trojans to be downloaded to victims' machines.
While the manner of attack is nothing new, Microsoft's Technet warned it has detected an increase in the type of attack on Web sites using Microsoft ASP and ASP.NET.
It attributes the vulnerability to poor Web application security practices, rather than product flaws.
"These SQL injection attacks do not exploit a specific software vulnerability, but instead target Web sites that do not follow secure coding practices for accessing and manipulating data stored in a relational database," the site reads.
"When a SQL injection attack succeeds, an attacker can compromise data stored in these databases and possibly execute remote code. Clients browsing to a compromised server could be forwarded unknowingly to malicious sites that may install malware on the client machine."
Sophos principal virus researcher Fraser Howard said the attack, which commenced in June, sought to capitalize on the popularity of this year's Wimbledon grand slam.
"The hackers responsible for this attack don't care what sites they infect, so long as there is a stream of potential victims likely to surf across the Net, straight into their trap. The ATP website is just one of many sites to have been exploited by hackers trying to steal information from innocent internet users," Howard said.
"With the Wimbledon tournament taking place at the moment, the ATP website will be receiving a spike in visitors - but any tennis fan visiting the infected pages on the site risks being served straight into a crook's criminal racket."
Source: NetworkWorld
All news for September, 2008
All news for 2008 year
All news for 2007 year
All news for 2006 year
All news for 2005 year
All news for 2004 year
DONATION: Keylogger.org is an independent research
project supported by a team of enthusiasts. If you find this
project useful or would like to help foster its continued
development please consider making a donation using PayPal`s
online secure payment service. A PayPal account is not required.
All major credit cards are accepted (MasterCard/Eurocard,
Visa/Delta/Electron, American Express, Switch/Maestro, Solo).
Simply click the button below.
Any amount would be useful and appreciated!
Thanks in advance for your support!
|
|
|
|
|
