US-Cert warns of widespread SQL injection attacks

The US Computer Emergency Readiness Team (US-Cert) has warned of widespread SQL injection attacks that are compromising websites.

Antony Savvas

The US Computer Emergency Readiness Team (US-Cert) has warned of widespread SQL injection attacks that are compromising websites.

The attacks are targeting websites across all sectors, said US-Cert. The compromised sites have been modified to include a malicious JavaScript file.

When a user unknowingly visits a compromised site, they are re-directed to a series of malicious web pages that attempt to exploit multiple client-side vulnerabilities in a number of applications, including Internet Explorer and RealPlayer.

To mitigate the risk, US-Cert is urging users and administrators to update RealPlayer, if they have it, to the latest version, and to disable ActiveX controls in their browsers.

Read more on IT risk management

All
News
In Depth
Blog Posts
Opinion
Photo Stories
Videos

Start the conversation

Send me notifications when other members comment.

-ADS BY GOOGLE

SearchCIO

How edge computing differs from decentralized computing

Edge computing isn't about sticking servers and storage in a branch location. Learn the critical differences between edge and ...
Facebook's Libra project -- why enterprises should prepare

Facebook's foray into cryptocurrency is setting off alarm bells in government and finance circles. The question is how could the ...
Ransomware attacks: How to get the upper hand

Ransomware attacks are on the rise. Can organizations play like Radiohead and refuse to pay? The answer from security experts is ...

SearchSecurity

Enzoic for Active Directory brings continuous password protection

Updates to Enzoic for Active Directory include NIST-compliant Continuous Password Protection, checking passwords against a live ...
Understand the basics of email security gateways

Email security gateways protect enterprises from threats such as spam and phishing attacks. This article explains how these ...
CyberArk brings updates to privileged access security offering

CyberArk introduces CyberArk Alero to its privileged access management product lineup, in addition to other endpoint management ...

SearchNetworking

An introduction to smart NICs and their benefits

This introduction discusses how smart NICs work and how they can benefit data center servers. It also explores the smart NIC ...
What are the features and benefits of 5G technology for businesses?

In addition to high speeds and low latency, the emergence of 5G cellular technology could put some pressure on the market prices ...
Why did operator NFV adoption lag so much?

NFV adoption was hampered by high costs and deployment issues, according to one industry insider. Also, learn about the latest on...

SearchDataCenter

3 ways to benefit from open source infrastructure

Using open source infrastructure can reduce operating costs and streamline upgrades, but it's important to weigh the pros and ...
IBM mainframes face competitive pressures inside and out

IBM's mainframe business continues to be under pressure from cloud-based competitors, and perhaps even its own Power server. ...
Linux features beyond server management

Due to its open source nature, Linux is constantly gaining new capabilities. Here's a look at some common use cases and features.

SearchDataManagement

11 real-time data streaming roadblocks and how to overcome them

Experts detail common challenges that IT teams encounter when deploying and managing real-time data streaming platforms and offer...
Snowflake product VP expounds on data warehouse for the cloud

In this Q&A, Christian Kleinerman, vice president of product development at cloud data warehouse vendor Snowflake, talks about ...
RavenDB Cloud automates database management

RavenDB's managed cloud database service, RavenDB Cloud, intends to automate security processes, reduce overhead and cater to ...

Close