SC Magazine Pod-Cast on Massive SQL Injection Attack

Yesterday Chuck Miller from SC Magazine published a podcast in which I spoke about the details of the latest mass web hack covered earlier. PandaLabs had confirmed that there was no IIS vulnerability involved in this latest round of attacks, rather poorly written .ASP code was the culprit.

However; it’s extreamly important to understand that we are talking about hundreds of thousands of sites that fell victim including the Department of Homeland Security and the United Nations. Thus, we really need to start raising awareness that security must be built into the code from the start to prevent such situations from occuring.

The pod-cast can be found at http://podcasts.scmagazine.com/

Advertisements

One Response to SC Magazine Pod-Cast on Massive SQL Injection Attack

  1. I rewrote the malicious code to go through and restore the corrupted database.

    http://8ways.net/sql-injection-attack-defence/

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: