Tuesday, January 8, 2008

Large amount of web sites compromised. Where is the ISC?

Several sources are reporting about web sites getting compromised on a massive scale (one site mentions 94,000 compromises, and rising). Of course, as it happens often when this kind of report hits wires, surprising little information is actually available. Michael of terminal23 blog shares this observation.

In the article on The Register, Johannes Ullrich of the Internet Storm Center is quoted saying that the compromises are the result of exploitation of unpatched SQL-injection vulnerabilities.

Normally, the ISC is a good source of information, but lately I have been disappointed. Very few noteworthy dairy reports are published, and even today, there is no mention of this event. For an incident of this scale, I had hoped to find more detailed information being publicly disclosed.

No comments:

Post a Comment

Please share your view and opinions on what I wrote. In order to maintain quality, all comments will be moderated for merit. Contributions that call me out on statements that appear unfounded, wrong, or simply with which you disagree are highly appreciated and are even encouraged. Spam and 'me too' answers will be ignored.