AOH :: IS1306.HTM

Criminals still using Google to find flaws




Criminals still using Google to find flaws
Criminals still using Google to find flaws



http://www.techworld.com/security/news/index.cfm?newsID=106207 

By Jeremy Kirk
IDG News Service
28 October 2008

Search engines such as Google are still widely being used by hackers 
against web applications that hold sensitive data, according to a 
security expert.

Even with rising awareness about data security, it takes all of a few 
seconds to pluck Social Security numbers from websites using targeted 
search terms, said Amichai Shulman, founder and chief technology officer 
for database and application security company Imperva.

The fact that Social Security numbers are even on the web is a human 
error; the information should never be published in the first place. But 
hackers are using Google in more sophisticated ways to automate attacks 
against websites, Shulman said.

Shulman said Imperva recently discovered a way to execute a SQL 
injection attack that comes from an IP address that belongs to Google.

[...]


__________________________________________________      
Register now for HITBSecConf2008 - Malaysia! With 
a new triple-track conference featuring 4 keynote 
speakers and over 35 international experts, this 
is the largest network security event in Asia and 
the Middle East! 
http://conference.hackinthebox.org/hitbsecconf2008kl/ 

Site design & layout copyright © 1986-2014 CodeGods