US-Cert warns of widespread SQL injection attacks

The US Computer Emergency Readiness Team (US-Cert) has warned of widespread SQL injection attacks that are compromising websites.

Antony Savvas

The US Computer Emergency Readiness Team (US-Cert) has warned of widespread SQL injection attacks that are compromising websites.

The attacks are targeting websites across all sectors, said US-Cert. The compromised sites have been modified to include a malicious JavaScript file.

When a user unknowingly visits a compromised site, they are re-directed to a series of malicious web pages that attempt to exploit multiple client-side vulnerabilities in a number of applications, including Internet Explorer and RealPlayer.

To mitigate the risk, US-Cert is urging users and administrators to update RealPlayer, if they have it, to the latest version, and to disable ActiveX controls in their browsers.

Read more on IT risk management

All
News
In Depth
Blog Posts
Opinion
Photo Stories
Videos

Start the conversation

Send me notifications when other members comment.

-ADS BY GOOGLE

SearchCIO

Comparing chatbots vs. virtual assistants vs. conversational agents

Is a conversational agent the same as a chatbot or a virtual assistant? Not exactly. IBM Watson VP and CTO Rob High explains the ...
MIT CIO 2019: Scaling AI and data to build the 'smart enterprise'

The theme of MIT Sloan CIO Symposium 2019 is 'leading the smarter enterprise.' We caught up with event chair Lindsey Anderson to ...
A buyer's guide to PPM tools, features, benefits and vendors

Explore all the factors that go into purchasing a project portfolio management platform, including analysis features, ...

SearchSecurity

8 ways to protect building management systems

Security threats to building management systems can come from numerous sources. Expert Ernie Hayden outlines these potential ...
New Mirai malware variant targets enterprise devices

Researchers from Palo Alto Networks have spotted a new variant of the Mirai botnet that is targeting enterprise presentation ...
Experts praise Norsk Hydro cyberattack response

Aluminum manufacturer Norsk Hydro was hit with ransomware that forced a switch to manual operations. The company's incident ...

SearchNetworking

VMware-VeloCloud sees the future of SD-WAN with 5G, hybrid cloud

A glimpse into one software-defined WAN vendor's vision shows a heavy interest in SD-WAN's integration with the network edge, 5G ...
3 types of configuration tools for network change management

From openly available scripting tools to vendor-supplied services, network change management and configuration tools generally ...
Infovista-Ipanema SD-WAN gets cloud orchestrator for MSPs

Infovista has added a cloud-based orchestrator to its SD-WAN product. The latest feature in Infovista Ipanema is meant to make ...

SearchDataCenter

Can IT admins benefit from a DevOps environment?

Admins might wonder if they need to pay attention to DevOps, but collaboration with developers helps minimize bad code and ...
4 PowerShell modules every IT pro should know

Find out how to use four of the most popular PowerShell community modules in the PowerShell Gallery to help better manage your ...
IBM quantum computing may arrive sooner than expected

If IBM continues doubling the performance of its quantum computers, as recent benchmarks indicate, it could deliver the first ...

SearchDataManagement

Machine learning approaches gain critical mass for data pros

Machine learning will bring change to analytics and data management, said data luminary Michael Stonebraker. Others agree ...
Big data management practices gain attention amid risks

Many data professionals have yet to solidify traditional data management practices, but they have a new set of challenges to ...
Aerospike database garners Spark, Kafka connectors

Apache Kafka and Apache Spark connectors ease use of the Aerospike NoSQL data store in high-speed applications such as analytics ...

Close