Similar Searches

Related News

Latest News

CIA website brought down – were Anonymous attackers responsible?

Dutch ISP KPN hacked, credentials and personal information leaked

Valentine’s Day Cyber Scams that Will Play with Your Heart

Strong Authentication by Itself is Not Enough to Prevent Man-in-the-Browser Attacks

How Criminals Capitalize On Our Digital Lives

SQL injection attacks and malware led to most data breaches

Posted by Dancho Danchev @ 5:27 pm

With millions of personal records and payment card information stolen on a regular basis, several recently released reports independently confirm some of the main sources of breaches. Not surprisingly, that.s not zero day flaws, not even insiders, but good old fashioned SQL injections next to malware infections.

With companies investing more resources into ensuring their networks and employees are protected against the very latest threats, some are clearly overlooking the most basic threats, usually requiring simple or average attack sophistication on behalf of the cybercriminal.

Let’s review the reports detailing the true impact of SQL injections and malware in the context of data breaches.

- UK Security Breach Investigations Report – An Analysis of Data Compromise Cases – 2010

7Safe.s recently released Breach Report for 2010, states that based on the analysis performed by their forensic investigations, 40% of all the attacks relied on SQL injections, with another 20%, a combination of SQL injection attacks and malware. Not only was the source of the attack external in 80% of the cases, but also, a weakness in a web interface was exploited in 86% of the cases, with the majority of affected companies operating in a shared hosting environment….

Read entire article…

http://blogs.zdnet.com/security/?p=5421

About the Author:

Write a Comment

Copyright © 2012 The Security Blog. All rights reserved.