Stories
Slash Boxes
Comments

SoylentNews is people

Injection Attacks: The Least Glamorous Attack is One of the Most Threatening

posted by CoolHand on Wednesday November 08 2017, @05:44PM   Printer-friendly
from the hot-sql-injection dept.

MrPlow writes:

Submitted via IRC for soycow1984

They may not grab the most headlines, but injection attacks are the most common threats targeting organizational networks, according to IBM MSS data.

The facts are clear. According to IBM X-Force analysis of IBM Managed Security Services (MSS) data, injection attacks are the most frequently employed mechanism of attack against organizational networks. In fact, for the period assessed (January 2016 through June 2017), injection attacks made up nearly half — 47 percent — of all attacks. The most common types were operating system command injection (OS CMDi) and SQL injection (SQLi). Injection attacks versus all attacks. Figure 1: Injection attacks versus all attacks (Source: IBM Managed Security Services data).

Attackers take advantage of injection vulnerabilities in operating systems and applications to penetrate critical web servers and access back-end databases. From using malicious webshells to planting cryptocurrency mining tools or malicious PHP scripts, there are many ways in which cybercriminals can use injection attacks to reach their end goal.

Source: https://securityintelligence.com/injection-attacks-the-least-glamorous-attack-is-one-of-the-most-threatening/

Original Submission

 
This discussion has been archived. No new comments can be posted.
Injection Attacks: The Least Glamorous Attack is One of the Most Threatening | Log In/Create an Account | Top | 21 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2, Funny) by Anonymous Coward on Wednesday November 08 2017, @07:44PM (3 children)

    by Anonymous Coward on Wednesday November 08 2017, @07:44PM (#594217)

    "Then there is the fact that outward appearances are actually more important for a business than the working internals."

    What?

    Really?

    HOLY BRANDING, BATMAN!

    OK, here's my new business plan. I'm glad you folks are sitting down, cause this one's gonna blow your balls right off.

    Cardboard box. Got it? Follow the vision here. Deluxe, embossed printing, perfectly proportioned cardboard box.

    Nothing inside.

    Sell them for TEN MILLION BUCKS each. Nobody cares about the interior.

    Where's my money, bitches?

    Starting Score:    0  points
    Moderation   +2  
       Funny=2, Total=2
    Extra 'Funny' Modifier   0  
    Total Score:   2  

  • (Score: 3, Informative) by Thexalon on Wednesday November 08 2017, @09:41PM

    by Thexalon (636) on Wednesday November 08 2017, @09:41PM (#594252)

    Been done already: Remember the "I Am Rich [wikipedia.org]" phone app that did absolutely nothing but demonstrate that somebody could pay a grand for an app that does nothing?

    --
    The only thing that stops a bad guy with a compiler is a good guy with a compiler.

  • (Score: 0) by Anonymous Coward on Thursday November 09 2017, @03:53PM

    by Anonymous Coward on Thursday November 09 2017, @03:53PM (#594656)

    On an unrelated note: http://www.latimes.com/business/la-fi-pink-doughnut-boxes-20170525-htmlstory.html [latimes.com]

  • (Score: 1, Funny) by Anonymous Coward on Thursday November 09 2017, @05:36PM

    by Anonymous Coward on Thursday November 09 2017, @05:36PM (#594722)

    "Where's my money, bitches?"

    Apple's got it. BTW, Apple patented the business model of selling empty, shiny cardboard boxes.