By Jeremy Kirk
IDG News Service
28 October 2008
Search engines such as Google are still widely being used by hackers
against web applications that hold sensitive data, according to a
Even with rising awareness about data security, it takes all of a few
seconds to pluck Social Security numbers from websites using targeted
search terms, said Amichai Shulman, founder and chief technology officer
for database and application security company Imperva.
The fact that Social Security numbers are even on the web is a human
error; the information should never be published in the first place. But
hackers are using Google in more sophisticated ways to automate attacks
against websites, Shulman said.
Shulman said Imperva recently discovered a way to execute a SQL
injection attack that comes from an IP address that belongs to Google.
Register now for HITBSecConf2008 - Malaysia! With
a new triple-track conference featuring 4 keynote
speakers and over 35 international experts, this
is the largest network security event in Asia and
the Middle East!