[ISN] Web attackers deface gov't sites, steal from financials

From: InfoSec News <alerts_at_private>
Date: Wed, 16 Mar 2011 00:04:53 -0600 (CST)
http://www.csoonline.com/article/677028/web-attackers-deface-gov-t-sites-steal-from-financials

By Robert Lemos
CSO
March 15, 2011 

Driven by the hacktivism of the loose-knit Anonymous group, 
denial-of-service attacks surged to the top of the list of Web 
incidents, outpacing SQL injection and cross-site scripting, according 
to a survey of publicly disclosed attacks.

The ongoing survey, known as the Web Hacking Incident Database, 
categorized 222 incidents in 2010 and found that attackers aimed to take 
down the Web sites in a third of the incidents, while defacement 
accounted for 15 percent of attacks and stealing information was the 
goal in 13 percent of incidents. Unsurprisingly, the popular goal of 
causing downtime meant that denial-of-service attacks accounted for 
about a third of attack types, followed by SQL injection (21 percent) 
and cross-site scripting (9 percent).

In many industry reports, denial-of-service is not even on the list, but 
companies should worry about such brute-force tactics, says Ryan 
Barnett, a senior security researchers with security firm Trustwave's 
SpiderLabs, who manages the WHID project.

"You need to re-prioritize because Web servers are actively being 
targeted with denial-of-service attacks," says Barnett.

[...]


___________________________________________________________      
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/
Received on Tue Mar 15 2011 - 23:04:53 PDT

This archive was generated by hypermail 2.2.0 : Tue Mar 15 2011 - 23:12:41 PDT