Hackers Invade Apple Server
The Anonymous cabal, lately, revealed an SQL-insertion security flaw uncovered inside a survey code that abs.apple.com the Business Intelligence website of Apple reportedly hosted. SoftPedia published this on July 4, 2011.
Posting a file on the Internet, Anonymous claimed that it had several usernames and passwords used with respect to an Apple server, though the group circulated one Twitter message telling that it didn't mean to be "so serious," while stating additionally that it might target Apple next.
The grey-hat Web-hacker noted that the portal for Apple Consultants Network was susceptible to random SQL-injection and XSS (cross-site scripting) assaults. If the XSS vulnerability could be exploited then malevolent Iframes were possible to insert inside a web-page via getting users to access a maliciously created URL. The said kind of vulnerability could help in improving malware dissemination or phishing assaults.
States AVG Technologies, provider of mobile and Internet security, there's a continuous and alarming growth in "trusted malware." Still more hazardous is the random SQL-insertion flaw, which hackers could exploit for extracting tables as well as column names held within the data. Nevertheless, the grey-hat Web-hacker didn't as yet post any portion belonging to the hacked data. EWeek.com published this on July 4, 2011.
Hitherto, Apple hasn't said anything in response to whatever has been claimed regarding the episode. The above problem apparently isn't the sole one Apple is suffering since a grey-hat Web-hacker from Lebanon has asserted that he discovered one more Apple site that's exposed to assault. Using Iframe script and SQL-insertion assaults, one could acquire illegitimate admission into databases.
Likewise during June 2011, Best Buy a consumer electronics seller was compelled towards notifying clients that hackers had filched their e-mail ids. The retailer found that during a security breach carried out at an intermediate supplier, the perpetrators exposed a few e-mail ids.
Notably, the online site, which Apple utilized for Internet polls, exhibited a message on July 4, 2011 that for a brief period the server had been tentatively withdrawn from the Internet. Stated PandaLabs, the above incidences had been raising the number of malware assaults starting January-March 2011.
Related article: Hackers Redirect Windows Live Search to Malicious Sites
» SPAMfighter News - 11-07-2011