Archive for September, 2010

Experts hack power grid of a power company in no time

Posted in IT Security on September 26, 2010 by cobra

Hey guys, I was browsing the web today and luckily found this kick ass shocking article from an IT security website (http://www.networkworld.com/). It talks about a bunch of security experts who worked as a team and hacked into a control network overseeing power production and distribution. I always knew that certain methods exist among pros to perform such hacks but never really thought someone could actually implement it in ONE DAY.

Click here to read how the hack was performed. It really got me thinking thoroughly about what might happen to our lives by having such a vulnerable power control network.
😦

Top Five Reasons Database Security Fails In The Enterprise

Posted in IT Security on September 26, 2010 by cobra

Independent Oracle Users Group survey reveals common database security missteps made by enterprise

Click here to find out the 5 reasons for database security failures.

😐

Major U.S. organizations hit by ‘Here you have’ email worm

Posted in IT Security on September 13, 2010 by cobra

A number of major U.S. organizations were affected by a rapidly spreading email worm that hit inboxes worldwide beginning Thursday.

While security experts are not certain why the masterminds opted for such an old-school attack method, the outbreak appears to be fizzling out. But not before computers at NASA, the Florida Department of Transportation, ABC, Comcast, AIG, Disney and Procter & Gamble were affected, according to tweets and public reports.

Symantec on Thursday afternoon raised its threat level to 3 out of 4, or high, based on the widespread nature of the attack, Kevin Haley, director of Symantec Security Response, told SCMagazineUS.com on Friday.

Click here to read the full article about this attack

Five Ways to Stop Mass SQL Injection Attacks

Posted in IT Security on September 3, 2010 by cobra

The best practices for mitigating this popular form of attack often are not being deployed

By Ericka Chickowski, Special To Dark Reading
DarkReading.com

A new wave of mass SQL injection attacks seen in mid-August to hit over half a million websites, including parts of Apple’s site, serves as a weighty reminder of the growing prevalence of mass injections and of SQL injections in general as a favorite means of hackers to tap into organizations’ infrastructure and data resources.

In light of these attacks, security researchers believe now is as good of a time as any to revisit some best practices necessary to prevent mass SQL injections and mitigate the risks associated with injection attacks. These practices are hardly revolutionary, but it is clear that they aren’t being implemented as widely as they need to be.

“You keep seeing the same issues come up over and over again for many years now,” says Alex Rothacker, manager of Team SHATTER, Application Security Inc.’s research arm. “Even with this Apple attack, they used a little bit more advanced attacks, but still it’s stuff that’s been talked about at Black Hat for two years now.”

Please Click Here to read the Best Practices to avoid this Phenomenon.