Category: Top 10 Database Vulnerabilities

Security Events In 2012 May Indicate What’s To Come In 2013

Posted January 3, 2013 by TeamSHATTER Admin in Attack Vectors, Data Breach, Database Security, DoS with 0 comments

For all the apocalyptic prognostications, 2012 turned out to be a relatively uneventful year from an information security standpoint. A cyber Pearl Harbor did not happen. Stuxnet and its kin did not take out any power grids or shut down cities. Mobile threats continued to escalate and malware became more sophisticated, but none were as game-changing in nature as Stuxnet was. While there were still plenty of data breaches, including a handful of big ones, they were much smaller in scope compared…

In The Latest Of The Recent Denial-Of-Service Bank Attacks, HSBC Falls Victim

Posted October 22, 2012 by TeamSHATTER Admin in Attack Vectors, Data Breach, Database Security, DoS, Finance and Banking with 0 comments

Capital One, HSBC, Bank of America, and Wells Fargo are among the near-dozen financial Websites hit by distributed denial-of-service attacks over the past few weeks. These attacks have disrupted daily operations for banks and made it difficult for customers to take advantage of online banking services. A group calling itself Izz ad-Din al-Qassam Cyber Fighters has claimed credit for most of the incidents and has named the institutions it will target a few days before launching the attacks. Even with the…

Arrest Made, Charged For Denial-Of-Service Attacks Against Amazon.com

Posted July 24, 2012 by TeamSHATTER Admin in Data Breach, Database Security, DoS, Retail with 0 comments

Officials at the U.S. Department of Justice announced that a Russian man has been arrested in Cyprus in connection with attacks on Amazon.com. The man, Dmitry Olegovich Zubakha, 25, of Moscow, was arrested July 18 on an international warrant. Zubakha was indicted in May of 2011 for launching two denial-of-service (DoS) attacks on the Amazon Website. The indictment, which was unsealed Thursday, also links him to other DoS attacks on Priceline.com and eBay.

Anonymous Said To Be Unstoppable — But For The Wrong Reasons

Team Shatter Exclusive

Is Anonymous Unstoppable?

Late on Friday afternoon, Nicole Perlroth of the New York Times posted a piece to the ‘Bits’ blog titled “Anonymous Says It Knocked C.I.A. Offline”. Within the post, in reference to the latest Anonymous activity, she quotes Jerry Irvine, a member of the National Cyber Security Task Force, as saying, “This is going to happen more and more frequently — they’re unstoppable. Why can’t they be stopped? Because security technologies have not kept up with the extent of the vulnerabilities that…

Does Software Security Suffer When The Customer Is No Longer Master?

Team Shatter Exclusive

When it comes right down to it, you can only have one master – one that you serve and aim to please above all others. If you go around asking CEOs who their company’s master is, you’re likely to get the same response each and every time: our customer is our master. The thing is, that’s not always true, particularly when it comes to publicly traded companies. When you sell shares of your company to the public, you take on…

How To Respond To A Denial-Of-Service Attack

Posted July 25, 2011 by TeamSHATTER Admin in Best Practices, Data Breach, Tips and Tricks, Top 10 Database Vulnerabilities with 0 comments

Denial-of-service (DoS) — particularly distributed denial-of-service (DDoS) — attacks have hit many enterprises recently, from Sony to Bank of America. For years, most companies wrote off DoS attacks as an acceptable risk because the probability of becoming a victim was relatively low, as was the risk of damage to the business. Recently, however, this class of attack has increased in popularity, causing many organizations to rethink the relative risk. CEOs are concerned about lost revenue and bad press; IT frets over…

TeamSHATTER Analysis Of The July 2011 Oracle CPU

Team Shatter Exclusive

Another July, another Oracle CPU. With ‘unbreakable’ timeliness, Oracle released their 27th Critical Patch Update yesterday at 1pm PDT sharp. This time around, they shipped 78 security fixes over all their product families. Sixteen of the fixes are specific to the Oracle Database, but a total of 30 fixes have an impact on database confidentiality, integrity or availability. I am very pleased to see that Oracle has refocused their efforts on fixing database issues. This is something that myself and …

Reports: DHS, IRS Databases At Risk

Some of the federal government’s most critical agencies are falling down on database security with misconfigurations, vulnerabilities, and a lack of best practices, putting sensitive citizen and defense information at risk as a result, new government audits show. Just this week, the Office of the Inspector General (IG) found that the Department of Homeland Security (DHS) — the agency in charge of ensuring Federal Information Security Management Act (FISMA) compliance among all government agencies — itself has a number of…

DHS, Mitre Name SQL Injection Flaws As Most Dangerous Software Error

Vulnerabilities that leave applications open to SQL injection are the most dangerous software errors in cyberspace, according to rankings issued earlier this week by top security groups. Issued by the Department of Homeland Security, Mitre, and the SANS Institute, the “2011 CWE/SANS Top 25 Most Dangerous Software Errors” is a list of the most widespread and critical errors that can lead to serious vulnerabilities in software. “They are often easy to find, and easy to exploit,” the groups say. “They…

Avoiding The Next Big Data Breach

Team Shatter Exclusive

2011 is turning out to look very different from 2010 with respect to data loss. A year ago, in 2010, large data breaches were rare. In fact, the total records compromised in the sample set of Verizon’s 2011 Data Breach Investigations Report came to just 4 million. While data loss decreased dramatically compared to the previous year’s 144 million, the sheer number of incidents rose dramatically. I’ve attended talks earlier this year…
