Latest Security Threats

• SQL Injection --  the most common web application attack

  SQL (Structured Query Language) provides an interface to facilitate access to and interaction with a database. A database usually stores data in tables and procedures.
  An SQL injection is an attack method that aims at penetrating a back-end database to manipulate, steal or modify information in the database. This attack method exploits the web application by injecting malicious queries, causing the manipulation of data.
   

• Clickjacking threat

  The attacker exploit malicious websites and take control of the links the browser visits. The attacker makes the visitor click on any link, any button, or anything on the page without even seeing it happening.
   

• Asprox silent defacement

  These worms utilize innocent web surfers' PC's to Google after vulnerable web sites. Once a list of suspects has been compiled, automatic signature-evasive Blind Sql Injection attacks are blindly shot at every GET / POST parameter within the web application.
   

• New phishing scams

  New phishing scams change domain name servers for the actual company site and capture login details.
   

• Low-level rootkit threats

  Low-level rootkit threats hide below the Windows Registry and then add malware clients when protection is disabled.

More Security Industry Information