Language Selection

English French German Italian Portuguese Spanish

Online stores come under attack

Filed under
Security

The move to target the databases and programs that power online shops is a significant change in tactics.

In one case, an attacker got hold of a PC maker's entire customer list and sent everyone on it a nasty note.

"It's kind of like an arms race. It's the next logical step to go after the application itself," said Rob Straight from software firm Compuware.

"There are a lot of people that spend their time and energy to think of ways to break into applications maybe for fun and maybe for profit," he said.

Businesses connected to the net, and especially those that run online shops, are used to defeating all kinds of attacks. On a daily basis they have to cope with attempts to exploit known vulnerabilities as well as viruses and worms that try to slip through security software.

Evidence for just how new this is can be seen in the latest list of the Top 20 most vulnerable programs released in early May by the Sans Institute.

For the first time this list included such things as media players, anti-virus programs, web browsers and databases.

Vulnerabilities in browsers and media players are proving popular with the malicious hackers, said Gerhard Eschelbeck, chief technology officer at security firm Qualys and a Sans contributor.

Web shops and online banks were seeing far more attempts to inject working computer code into the databases and applications behind the scenes of many websites, said Donal Casey, spokesman for Diagonal Security.

Some attackers try to enter database commands into such fields just to see what happens. In such cases "unpredictable results" could see those commands executed and a database seriously compromised, said Mr Straight.

Attackers could end up with a store's entire customer list, including credit card numbers and bank account details.

Full Story.

Also

Also some Linux websites are getting hit too.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

LXQt 0.11.0 Desktop Environment Arrives After Almost One Year of Development

After being in development for the past eleven months, the next major release of the lightweight, Qt-based LXQt desktop environment has been officially released and it's available for download. Read more

Antivirus Live CD 20.0-0.99.2 Uses ClamAV 0.99.2 to Protect Your PC from Viruses

Today, September 25, 2016, 4MLinux developer Zbigniew Konojacki informs Softpedia about the immediate availability for download of a new, updated version of his popular, independent, free, and open source Antivirus Live CD. Read more

How to: Install Google Chrome web browser on Ubuntu Linux (and uninstall Firefox)

Ubuntu comes with a lot of quality software pre-installed. Unfortunately, the default web browser, Mozilla Firefox, has been on the decline -- it is slow and clunky. On Linux, Google Chrome is now the top web browser, and it is the best way to experience Adobe Flash content too (if you still need it). Installing Google Chrome on the Linux-based operating system is not totally straightforward. This is unfortunate, as the search-giant's web browser is an important part of having an overall quality experience on Ubuntu. Don't worry, however, as we will help you to both install the wonderful Google Chrome and uninstall the disappointing Mozilla Firefox. Read more

Parsix GNU/Linux 8.10 "Erik" Gets the Latest Debian Security Fixes, Update Now

A few minutes ago, the development team behind the Debian-based Parsix GNU/Linux computer operating system announced that new security fixes are now available for the Parsix GNU/Linux 8.10 "Erik" release. Read more