|
|
Adobe Sites Hit by Malware
Share this Article  Digg
 Del.icio.us
 Newsvine
 Facebook
 Google
 LinkedIn
 MySpace
 Redit
 Slashdot
 StumbleUpon
 Technorati
 Twitter
 Windows Live
 YahooBuzz
 FriendFeed
Page 2 of 2 "SQL injections are a huge problem, and they need to be addressed at the Web and database layers, and you need to encode the outbound data properly," Barnett said. "Then there's cross site scripting where the bad guys inject JavaScript Together, SQL injections and cross site scripting account for "about 60 percent" of all Web site attacks, Dave Marcus, director of security research and communciations at security vendor McAfee, told InternetNews.com. "They're usually Number One and Number Two," he added.
Adobe is "not alone" in having vulnerable Web sites, and these flawed sites are found quickly because "hackers are using automated tools to scan Google (NASDAQ: GOOG) for pages vulnerable to injection commands," Marcus said. When a page is found, it is automatically infected, he added.
That kind of automated search is possible "because it's a by-product of the fact that it's a Web 2.0 world out there, which means there's lots of cross site scripting and SQL back ends," Marcus said.
He recommends that anyone setting up a public-facing Web site must "look at code and application auditing" because, otherwise, "you'll get owned and your site will be used to distribute malware."
Share this Article Digg
Del.icio.us
Newsvine
Facebook
Google
LinkedIn
MySpace
Redit
Slashdot
StumbleUpon
Technorati
Twitter
Windows Live
YahooBuzz
FriendFeed
Security News Solutions
Security News| Contact Richard Adhikari | Back to top |
Solutions in a Small World (Latin America): Sealed with a Kiss Even in today’s Internet-dominated world, in-person business connections still make strong impressions. But face-to-face marketers must be aware of cultural disconnects, explains AMD’s Gerald Youngblood.
|
More stories by this author
Comment and Contribute
