http://www.theregister.co.uk/2012/04/24/crackers_tools/ By John Leyden The Register 24th April 2012 Infosec 2012 - Hackers are increasingly turning to automated software tools to launch attacks. According to research from Imperva, more than 60 per cent of SQL injection attacks and as many as 70 per cent of Remote File Inclusion attacks (the two most common attack types) are automated. Remote File Inclusion attacks allows hackers to plant back doors on PHP-based websites. Tools like Havij and SQLMap are used by miscreants to probe for vulnerabilities and execute SQL injection attacks. These tools also employ techniques to evade detection, such as periodically changing headers or splitting attacks through controlled hosts to avoid black-listing. In the past, using attack tools was purely for script kiddies but these attitudes are changing, according to Rob Rachwald, director of security strategy at Imperva. Automatic attack tools aren't just for the clueless anymore, he says. These tools can be used to attack more applications and exploit more vulnerabilities than any manual method possibly could, making them a useful adjunct for even skilled attackers. "Automated tools are becoming better quality. Both experienced and inexperienced hackers use them but experienced hackers use them with more finesse," Rachwald explained. [...] _______________________________________________ LayerOne Security Conference May 26-27, Clarion Hotel, Anaheim, CA http://www.layerone.orgReceived on Tue Apr 24 2012 - 22:52:11 PDT
This archive was generated by hypermail 2.2.0 : Tue Apr 24 2012 - 22:50:49 PDT