Saturday, February 21, 2009

Microsoft Warns of SQL Attack

Just days after patching a critical flaw in its Internet Explorer browser, Microsoft is now warning users of a serious bug in its SQL Server database software


Microsoft issued a security advisory saying that the bug could be exploited to run unauthorized software on systems running versions of Microsoft SQL Server2000 and SQL Server 2005.

Attack code that exploits the bug has been published, but Microsoft said that it has not yet seen this code used in online attacks. Database servers could be attacked using this flaw if the criminals somehow found a way to log onto the system, and Web applications that suffered from relatively common SQL injection bugs could be used as stepping stones to attack the back-end database, Microsoft said.

Software bugs have become one of the major threats in today's world. Software bugs may attempt to exploit known vulnerabilities in a system. The reason I choose this artice is that it emphasis on a software bug creeping in after a recent fixation by the Microsoft in its Internet Explorer browser. This shows how the software bugs can creep up at any point of time and how vulnerable that makes our computer information. It also helps analyze how the software bug can effect a large number of people.

Please refer the link for full article

http://www.csoonline.com/article/472417/Microsoft_Warns_of_SQL_Attack


Friday, February 13, 2009

Cyber Attacks


Cyber terrorism
is the premeditated use of disruptive activities, or the threat thereof, against computers and/or networks, with the intention to cause harm or further social, ideological, religious, political or similar objectives, or to intimidate any person in furtherance of such objectives
.

Despite significant investment in technology and infrastructure, cyber terrorism represents one of the greatest challenges in combating terrorism. Every day the Internet and coutless other computer systems are under attack.The intention of a cyber terrorism attack could range from economic disruption through the interruption of financial networks and systems or used in support of a physical attack to cause futher confusion and possible delays in proper response.

The article I choose is " The Cyber Attack of Russia on Geogia "


This article throws light on how cyber attacks have caused billions of dollars in damage and affected the lives of millions.This helps analyze that cyber attacks will likely become an increasingly common element of future warfare.This emphasizes on how these cyber attacks can lead to Loss of sales during disruption, Loss of intellectual property, Costs of forensics for recovery and litigation, Loss of critical communications in time of emergency and Loss of confidence and credibility in our financial systems.

The type of attack used was Denial of Service attack. In the Attack Taxonomy this article comes under the DoS/DDos Attacks.

Link to the full article

http://www.technewsworld.com/story/64494.html?wlc=1234550876



Friday, February 6, 2009

Fresh Facebook malware attack spotted


Security experts are warning users and administrators of a new crop of Facebook malware.

F-Secure said in a recent blog posting that the company has tracked down a number of pages on the social networking site which attempt to infect users by promising free videos. New attacks spread via networking site.

The reason I choose this article is that it emphasizes on what a large scale malware infection can be spread. Facebook being a very popular networking site, this marlware attack had an impact on millions of users. The economic impact of malware events increases as organizational size increases.

Today, with lot of sensitive data like date of birth, phone number and social security number being posted online, the risk of the data being compromised is very high. It is highly necessary to protect our information from being tampered.


Then how can we identify?

  • Never open a file from an unknown source. Although it’s probably over kill, I suggest that you mark all recently downloaded or installed items on your computer without your prior knowledge to be malware.
  • Update your OS. If possible, download and install all security fixes. No matter how much you have Windows it’s always good practice to patch up your OS to prevent others from exploiting it’s holes.
  • Install security software like AVs and ASs.
  • Activate the Guest account. If multiple people are using your PC, restrict their access by using a guest account or equivalent. Sure, you may end up editing the Policies so they can save and edit files but at least they won’t be able to install malware behind your back, unintentionally or otherwise.
  • Stop look and read thatURL.
  • Keep changing the passwords.
  • Use common sense. The spread of most malware relies on carelessness on the part of the victim. If a sudden message pops in your IM that looks as if it’s screaming “Hey click me I’m a spam site”, do yourself a favor and close the window.
This article helps extend our knowledge on how malware can have adverse effects on our day to day life. So it is better to be cautious and careful when accessing the internet.

Please refer the following link for full article:

http://www.vnunet.com/vnunet/news/2228485/fresh-facebook-malware-attack