Wednesday December 3, 2008 7:25 AM AEST
Vulnerability Alerts
SANS
 
Microsoft
 
CERT/CC
 
 
Latest Comments
"trend is good antivirus software."
on Trend Micro OfficeScan Client/Server Edition
by jack | Dec 3, 2008 7:02 AM
 
"I feel it with you guys. These irritating interruptions on privacy MUST be stopped. It is a ..."
on Yahoo and Microsoft take aim at lottery scams
by Jan Wilmans | Dec 2, 2008 7:11 PM
 
"My AVG WILL NOT UPDATE"
on AVG update deletes critical Windows file
by James Downs | Dec 2, 2008 5:58 AM
 
"Concerned man's comments seem to intimate that if I'm using agents all will be well but the ..."
on Shavlik Technologies to broaden its patch management offerings
by Werner K | Nov 26, 2008 8:36 PM
 
"That will enhance Microsoft Office system, including SharePoint - good platform for enterprise ..."
on Companies have security to consider with in-the-cloud Office
by SGE | Nov 25, 2008 3:29 PM
Web

BusinessWeek hit by hackers

  • Email a Friend
  • Print Page
Related Articles
By Dan Raywood
Sep 22, 2008 9:57 AM | 1 Comment
Tags: BusinessWeek | hit | by | hackers
The website of BusinessWeek has been hacked in an attempt to infect the visitors with malware.

According to research by Sophos, hundreds of web pages in a section for MBA students to find employment have been affected. The hackers used an SQL injection attack to infect the pages with code that tries to download malware from a Russian web server.

Although the Russian website was down and not delivering further malicious code at the time of the Sophos research, it claimed that it could be revived at any time as the hackers' scripts are still present and active on their site.

Brett Myroff, CEO of regional Sophos distributor, Sophos South Africa, said: “While it is concerning when any site suffers a malicious SQL injection attack, the stakes are even higher when it is one of the 1000 busiest websites on the Internet.

A potentially large number of people visiting the site and accessing information may be putting their finances or personal data at risk if they are not properly protected.

“Companies hit by SQL injection attacks need to move fast to not only remove the malicious scripts, but also to ensure they do not get infected again.

Companies with websites that have been struck by such an attack often clean-up their database, only to be infected again a few hours later.

“The latest BusinessWeek attack should alert all businesses to the importance of ensuring their Web sites are fully protected against attacks, and that all vulnerabilities are patched.”

See original article on scmagazineus.com

Secure Computing Magazine

 
Ads by Google
Thoughts on this article? Add a comment below.
Comments: 1
This is amazing. BusinessWeek ran a special issue on cyber espionage in April. See my post on it at http://aspnovelist.blogspot.com/2008/04/cyber-attacks-are-like-sex-no-one-wants.html I have always believed that hackers will one day hack into major infrastructure and really bring the country to a halt. I even wrote a thriller on this very scenario. Check it out at the publisher's site at http://www.lulu.com/content/3515824 I even have a so called covert operative asking me to run highly classified information on my blog. Check it out at http://aspnovelist.blogspot.com I really don't know if the operative is real, I'm just running the information he gives me.
SC Magazine - comments icon Posted by Anthony S. PolicastroSep 22, 2008 10:50 PM
Report this comment as offensive:

   * Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.  
Name:
*
 
Email:
(will not be displayed)
*
 
Comment:
(HTML not permitted)
*
 
Validation
*

Enter the code you see below:

 

 
 
 
 
 
Tripwire - Click here to win an iTouch
 
 
Vulnerabilities & Exploits Whitepapers
 
Popular Tags
cbs central clickjacking cyberwar enable forensics georgia hackers hit malware may musical networks obama p2p penalty responsible scam school tools