By Dan Morrill
Article Date: 2008-05-12
If you are wondering just how hackers are working their way into your back-end databases, Dark Reading has a list of the top six database hacks being used in the field today.
The sad part of the list is that most of these hacks have been known for years; most of them are no surprise to anyone who has to manage the security around a database system. With Web 2.0, those databases and the data in them are something anyone with a database in their design has to think about.
Brute-force (or not) cracking of weak or default usernames/passwords
Privilege escalation
Exploiting unused and unnecessary database services and functionality
This is 2008, and you can pull up video from 1991 that covers many of these same topics, along with some neat ideas on some of the earlier security appliances from when we were still infants. It is a great video to watch; you might even see some folks you know.
In a lot of ways, a company has some very serious information security issues if most of the top six list is built on or based on attacks that are over 15 years old now. There is almost a sense of "what have we done as a security community?" when we cover things like this over and over again.
About the Author:
Dan Morrill has been in the information security field for 18 years, both
civilian and military, and is currently working on his Doctor of Management.
Dan shares his insights on the important security issues of today through
his blog, Managing
Intellectual Property & IT Security, and is an active participant in the
ITtoolbox blogging community.