ANTI-MALWARE.info | The Reference in Independent Anti-Malware Advice and Information
Subscribe | Log in

Blog

It never stays quiet on the internet: The Lizamoon attack, the update problem?

It never stays quiet on the internet and new attacks or malware are seen every day. The last week however we saw an interesting mass SQL injection attack, referred to as Lizamoon, which was spreading and has infected several millions of URLs last week (March 29 until April 4). Even after a week, thousands of comprised websites don’t seem to be cleaned up, yet.

What are we talking about?
The mentioned attack uses SQL injection techniques to insert rogue code into the databases of websites. SQL injection is a code injection technique that misuses available functionality that is not filtered away properly. In other words: The vulnerability is present when user input is not correctly filtered for escape characters embedded in SQL statements or if the input is not strongly typed and by this unexpectedly executed (cf.: Wikipedia).

The following code was injected into a large number of websites:
<script src=hxxp://lizamoon . com / ur . php >

(more…)

CeBIT 2011 and G Data

CeBIT starts on March 1st in Hannover, showcasing the latest developments in the IT industry. G Data is using the largest IT trade show in the world this year to launch the next generation of security for businesses and home users. G Data presents this year’s trade fair highlight: Generation 11 of its network solutions, equipped with a powerful backup module in all Enterprise versions. Also being revealed is G Data MobileSecurity, a security solution for Android phones. Mobile phone owners will thus be able to effectively secure their mobiles against malware. Another first that will be announced in Hannover is G Data CloudSecurity. This free browser plug-in blocks infected websites,making surfing the internet more secure. Besides presenting these innovations, the provider from Bochum, Germany is also offering a comprehensive programme in the G Data Arena, Hall 11, Booth D35.

I personally will take part in the Global Conferences during a panel session about the importance of security which is detailed below. It’s an interesting line up of experienced speakers, CEO’s or VP’s which will be sitting next to me. I will be available for interviews and chats the whole week (minus Saturday) at our booth. By the way I like my new title: Global Security Officer.   ;-)

(more…)

Upcoming meetings and events like AMTSO, RSA, CeBIT, etc …

It seems that my busy months are coming up with a lot of travelling. Very soon you can see me speaking at some national and international events. 

Close to my home you can find me at ‘This is IT’ in the Netherlands www.apeldoorn-it.nl/congres (3 February 2011). The week afterwards I will teach the teachers at the ICT day for teachers in Belgium http://www.ictdag.be/ (7 February 2011). After this I will be travelling to San Francisco for AMTSO and the RSA conference (14-18 February 2011). The  AMTSO members’ meeting will be held at San Mateo, California, on the 10th-11th February, just before RSA. I’m pretty sure that everybody will find some interesting material coming out of the organization in the next few weeks. There’s more information on this year’s AMTSO meetings on the AMTSO meetings page at http://www.amtso.org/meetings.html, including a preliminary agenda.

And don’t forget CeBIT (1-5 March 2011). This year G Data will take an active part in the very famous CeBIT Global Conferences in Hannover. Dr. Dirk Hochstrate will attend the IT-Security panel on Wednesday, 2 March. On the Global Conferences only the top spokesmen of the IT branch are invited to discuss new trends and their visions for the future. At the same moment you can go to our English press conference where you will see me in front of the room.

I will give you more info about our upcoming CeBIT events soon.