OzHub, the Macquarie Telecom-led cloud computing alliance, has come down firmly on the side of Optus over the copyright controversy surrounding Optus TV Now, warning that any moves to change the law "risk branding Australia a global luddite state."
An automated SQL injection attack has affected a large number of web sites - as in hundreds of thousands of pages - resulting in malware being downloaded to visitors' computers.
The attack appears to take advantage of features of Microsoft SQL Server, though according to security vendor F-Secure the problem lies in poor site coding, not in vulnerabilities in Microsoft's software. SQL injection is a well-known technique for attacking sites, and one that professional web developers should know they need to guard against.
Affected sites include some operated by the United Nations and the US, UK and Australian governments or their agencies.
According to F-Secure, the domains hosting the malicious content ultimately delivered by the hack are nmidahena.com, aspder.com and nihaorr1.com.
Some reports have suggested the problem is linked to an unpatched flaw in IIS that surfaced last week, but Microsoft has categorically denied that is the case. "We have also determined that these attacks are in no way related to Microsoft Security Advisory (951306)," wrote communications manager Bill Sisk in the Microsoft Security Response Center blog.
"The attacks are facilitated by SQL injection exploits and are not issues related to IIS 6.0, ASP, ASP.Net or Microsoft SQL technologies," he added.
David Frost
| SYDNEY– February 9, 2012. Gigamon®, the world leader in Traffic Visibility Fabric solutions, announced that it has expanded the breadth and s…
How to Make Business Discovery Work for Your Business
Business Discovery takes its cues from consumer apps. Like Google, it encourages us- ers to hunt for and explore data without worrying about or even noticing the underly- ing technology. Their entire experience is working within an intuitive interface to get real-time, self-service results with only minimal training. ...more
Try an easy-to-use set of web-enabled
tools for business-class productivity services. Office 365 provides
anywhere-access to email, important documents, contacts, and calendars
on almost any device.