This section contains articles covering IT Security news from around the world.
Articles Tagged ‘Hacking’
Companies and users around the world are struggling to keep their network environments safe from malicious attacks and hijacking attempts by leveraging services provided by high-end firewalls, Intrusion Detection Systems (IDS), antivirus software and other means. While these appliances can mitigate attacks and hacking attempts, we often see the whole security infrastructure failing because of attacks initiated from the inside, effectively by-passing all protection offered by these systems.
I’m sure most readers will agree when I say that end-users are usually responsible for attacks that originate from the internal network infrastructure. A frequent example is when users find a link while browsing the Internet they tend to click on it to see where it goes even if the context suggests that the link may be malicious. Users are unaware of the hidden dangers and the potential damage that can be caused by clicking on such links.
The implications of following links with malicious content can vary for each company, however, we outline a few common cases often seen or read about:
- Hijacking of the company’s VoIP system, generating huge bills from calls made to overseas destination numbers (toll fraud)
- The company’s servers are overloaded by thousands of requests made from the infected workstation(s)
- Sensitive information is pulled from the workstations and sent to the hackers
- Company Email servers are used to generate and send millions of spam emails, eventually placing them on a blacklist and causing massive communication disruptions
- Remote control software is installed on the workstations, allowing hackers to see everything the user is doing on their desktop
- Torrents are downloaded and seeded directly from the company’s Internet lines, causing major WAN disruptions and delays
As you can see there are countless examples we can analyze to help us understand how serious the problem can become.
Download this whitepaper if you are interested to:
- Learn which are the Top 10 Dangerous sites users visit
- Learn the Pros and Cons of each website category
- Understand why web content filtering is important
- Learn how to effectively block sites from compromising your network
- Learn how to limit the amount of the time users can access websites
- Effectively protect your network from end-user ‘mistakes’
- Ensure user web-browsing does not abuse your Internet line or Email servers
We apologise however the whitepaper is no longer available by the vendor. Head to our homepage to read up on new network and security related articles.
SQL Injections have been keeping security experts busy for over a decade now as they continue to be one of the most common type of attacks against webservers, websites and web application servers. In this article, we explain what a SQL injection is, show you SQL injection examples and analyse how these type of attacks manage to exploit web applications and webservers, providing hackers access to sensitive data.
What is a SQL Injection?
Websites operate typically with two sides to them: the frontend and backend. The frontend is the element we see, the rendered HTML, images, and so forth. On the backend however, there are layers upon layers of systems rendering the elements for the frontend. One such layer, the database, most commonly uses a database language called SQL, or Structured Query Language. This standardized language provides a logical, human-readable sentence to perform definition, manipulation, or control instructions on relational data in tabular form. The problem, however, is while this provides a structure for human readability, it also opens up a major problem for security.