Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Hobbyist Dan Thompson created a website in 2000 for music fans to discuss and trade lyrics of one-hit wonders – think “Come on Eileen” or “Ice, Ice Baby” – he never thought the site would become a cyber target.
But that's just what happened last month, when hackers launched injection attacks against the vulnerable site by inserting a simple, customised script into the URL string. This query manipulated the contents of the Structured Query Language (SQL) Server database – common on most dynamic websites – causing the comment sections below message board threads to disappear.
Luckily (and perhaps stupidly), the vandals failed to initiate their script tags, meaning the 5,000 daily visitors to Thompson's site were not silently redirected to a rogue China-based website that was included in the script. Had they been, there is a strong chance the machines of unpatched users would have been infected with a trojan.
Registered users may log in here.
Login or Register now and get unlimited access.