|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: InfoSec News (alerts
infosecnews.org)
Date: Wed Jul 04 2007 - 00:31:07 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Forwarded from: security curmudgeon <jericho (at) attrition.org>
: http://www.techworld.com/security/news/index.cfm?newsID=9336
:
: By Jeremy Kirk
: IDG news service
: 29 June 2007
:
: A hacker has successfully attacked a web page within Microsoft UK
: domain, resulting in the display of a photograph of a child waving the
: flag of Saudi Arabia.
:
: It was "unfortunate" that the site was vulnerable, said Roger Halbheer,
: chief security advisor for Microsoft in Europe, the Middle East and
: Africa.
And lest we forget history, this isn't the first time Microsoft has been
hit. Worse, this isn't the first time for Microsoft UK. And poor
Halbheer, I wonder how long he's been in that position..
./1999/10/24/msrconf.microsoft.com
./2000/01/04/www.microsoft.com.tw
./2000/06/03/www.microsoft.com.br
./2000/11/07/events.microsoft.com
./2000/12/14/www.microsoft.si
./2000/12/17/www.microsoft.si
./2001/01/23/www.microsoft.co.nz
./2001/04/19/www.microsoft.be
./2001/04/20/www.microsoft.com.gr
./2001/04/27/www.microsoft.com.gr
./2001/05/03/www.microsoft.co.uk
./2001/05/03/www.microsoft.com.mx
./2001/05/03/www.microsoft.com.sa
./2001/05/07/streamer.microsoft.com
./2001/05/12/pc.microsoft.is
./2001/05/17/www.microsoft.ro
./2001/07/19/windowsupdate.microsoft.com
Check Zone-H for Microsoft defacements after these.
: SQL injection attacks are on the rise, overall, since valuable data is
: held within databases, said Paul Davie, founder and chief operating
: officer of Secerno, a security vendor that develops technology to
: protect databases from SQL attacks.
:
: "I don't think Microsoft are unique in this respect and shouldn't be
: held up as particularly slipshod," Davie said. "This could have happened
: to practically anybody."
If Microsoft can't stop SQL injection, how are customers to trust more
complex vulnerabilities like those overflow thingies or memory
corruption?
_____________________________________________________
Attend Black Hat USA, July 28-August 2 in Las Vegas,
the world's premier technical event for ICT security
experts. Featuring 30 hands-on training courses and
90 Briefings presentations with lots of new content
and new tools. Network with 4,000 delegates from
70 nations. Visit product displays by 30 top
sponsors in a relaxed setting. Rates increase on
June 1 so register today. http://www.blackhat.com
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]