Language Selection

English French German Italian Portuguese Spanish

Online stores come under attack

Filed under
Security

The move to target the databases and programs that power online shops is a significant change in tactics.

In one case, an attacker got hold of a PC maker's entire customer list and sent everyone on it a nasty note.

"It's kind of like an arms race. It's the next logical step to go after the application itself," said Rob Straight from software firm Compuware.

"There are a lot of people that spend their time and energy to think of ways to break into applications maybe for fun and maybe for profit," he said.

Businesses connected to the net, and especially those that run online shops, are used to defeating all kinds of attacks. On a daily basis they have to cope with attempts to exploit known vulnerabilities as well as viruses and worms that try to slip through security software.

Evidence for just how new this is can be seen in the latest list of the Top 20 most vulnerable programs released in early May by the Sans Institute.

For the first time this list included such things as media players, anti-virus programs, web browsers and databases.

Vulnerabilities in browsers and media players are proving popular with the malicious hackers, said Gerhard Eschelbeck, chief technology officer at security firm Qualys and a Sans contributor.

Web shops and online banks were seeing far more attempts to inject working computer code into the databases and applications behind the scenes of many websites, said Donal Casey, spokesman for Diagonal Security.

Some attackers try to enter database commands into such fields just to see what happens. In such cases "unpredictable results" could see those commands executed and a database seriously compromised, said Mr Straight.

Attackers could end up with a store's entire customer list, including credit card numbers and bank account details.

Full Story.

Also

Also some Linux websites are getting hit too.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Customers reporting interest in cloud, containers, Linux, OpenStack for 2015

As 2014 comes to a close and IT departments reflect on their initiatives heading into the new year, we asked a group of 115 Red Hat customers -- ranging from Fortune 500 companies to small businesses -- about their priorities for 2015. What we heard from the respondents is promising going into the new year: Budgets are increasing (or at least staying the same); Linux adoption is increasing; cloud deployments will be dominantly private or hybrid; OpenStack is hot; and interest in containers is emerging. Read more

Multi-Stream Transport 4K Monitors To Become Better Supported On Linux

For a number of months David Airlie at Red Hat has been working on DisplayPort Multi-Stream Transport (DP MST) handling for Linux. Keith Packard over at Intel is now playing with DP MST too for bettering modern 4K display support on Linux within X.Org Server based environments. Read more

Enhancing Your Work Habits with KDE

As I write, at least six desktop environments are popular among free software users. However, even with long familiarity, none of the others come close to the versatility of KDE. KDE starts with the classic desktop and adds many of the features that other desktops include, such as panel widgets and special effects. Some of its features, such as hot spots on the screen edges, were unique a few years ago but have since been added to other environments (e.g., Cinnamon). Moreover, even now, few other desktops offer the same degree of customization as KDE, whose settings include options for bringing a window into focus and actions to take when an external device is plugged in. However, where KDE truly excels is in enhancements that extend the traditional desktop and give users new ways to work. Tabbed windows, Desktop Layouts, Activities – all of these are relatively simple improvements on the desktop, but the effect of even the simplest on your work habits can be enough to make you impatient with the limitations of other desktops. Read more

It’s Christmas in FOSS-land!

See, Mageia is a community-driven Linux distribution. Everybody here volunteers and does the work because he or she can and because they want to contribute. The money that we collect in donations goes to paying for server costs, hardware repairs and upgrades, supporting booths and handing out merchandise at conventions (and in one case, flying in a repair person when everything broke). Read more