Forwarded from: security curmudgeon <jericho (at) attrition.org> : http://www.techworld.com/security/news/index.cfm?newsID=9336 : : By Jeremy Kirk : IDG news service : 29 June 2007 : : A hacker has successfully attacked a web page within Microsoft UK : domain, resulting in the display of a photograph of a child waving the : flag of Saudi Arabia. : : It was "unfortunate" that the site was vulnerable, said Roger Halbheer, : chief security advisor for Microsoft in Europe, the Middle East and : Africa. And lest we forget history, this isn't the first time Microsoft has been hit. Worse, this isn't the first time for Microsoft UK. And poor Halbheer, I wonder how long he's been in that position.. ./1999/10/24/msrconf.microsoft.com ./2000/01/04/www.microsoft.com.tw ./2000/06/03/www.microsoft.com.br ./2000/11/07/events.microsoft.com ./2000/12/14/www.microsoft.si ./2000/12/17/www.microsoft.si ./2001/01/23/www.microsoft.co.nz ./2001/04/19/www.microsoft.be ./2001/04/20/www.microsoft.com.gr ./2001/04/27/www.microsoft.com.gr ./2001/05/03/www.microsoft.co.uk ./2001/05/03/www.microsoft.com.mx ./2001/05/03/www.microsoft.com.sa ./2001/05/07/streamer.microsoft.com ./2001/05/12/pc.microsoft.is ./2001/05/17/www.microsoft.ro ./2001/07/19/windowsupdate.microsoft.com Check Zone-H for Microsoft defacements after these. : SQL injection attacks are on the rise, overall, since valuable data is : held within databases, said Paul Davie, founder and chief operating : officer of Secerno, a security vendor that develops technology to : protect databases from SQL attacks. : : "I don't think Microsoft are unique in this respect and shouldn't be : held up as particularly slipshod," Davie said. "This could have happened : to practically anybody." If Microsoft can't stop SQL injection, how are customers to trust more complex vulnerabilities like those overflow thingies or memory corruption? _____________________________________________________ Attend Black Hat USA, July 28-August 2 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 30 hands-on training courses and 90 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 70 nations. Visit product displays by 30 top sponsors in a relaxed setting. Rates increase on June 1 so register today. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Tue Jul 03 2007 - 22:38:53 PDT