In the first post of this series I outlined my plan for the upcoming U.S. election. I’ll find unvarnished information about the candidates from sources like public records, create a website to display that information, and then re-route web traffic from the candidates’ own URL’s to my website. So far we’ve covered setting up the servers and collecting public information.
By now you’ve read about the new indictment of five hackers from Russia and Ukraine in what is being called the “largest data breach scheme in the US.” You can read the DOJ press release here and/or a redacted copy of the indictment here [PDF]. In what is really a continuation of the Albert Gonzalez saga,
SQL Injection attacks are getting a great deal of coverage lately, and with good reason. After all, it was recently revealed that SQL injection may have enabled the breach at Heartland Payment Systems. Obviously, this issue is serious enough to warrant concern and action.
When considering ways to mitigate SQL injection attacks,
SQL injection attacks have been in the news lately given two recent highly publicized attacks against security vendors. According to a recent IBM report, SQL injection attacks increased 30X between this past summer and the end of 2008 and resulted in a 50 percent increase in the number of malicious URLs hosting exploits.