シマンテックのウェブサイトがブラインドSQLインジェクション攻撃され、ユーザー情報が露出。
Symantec Website Hack Exposes User Data
攻撃されたのは、日本と韓国のノートン製品顧客サポートサイト。
今のところ、この事件は世界の他の場所の顧客には影響していないはずだ。
それなら問題ないとでも言いそうな勢い。
今回の攻撃者は、2月にカスペルスキーを攻撃したのと同じ人らしい。
トレンドマイクロの研究者は、この件を教訓にしないといけないといっている。
Symantec hacked? Full disk and database access? ツサ CounterMeasures
I have made sure Symantec UK and Japan are aware of this information and I am sure they are investigating as I type, but it's never a bad idea to restate a few best practices for securing web applications:* Keep them patched.
* NEVER store sensitive data in clear text.
* Get them regularly vulnerability scanned from the inside as well as the outside.
* Use strong authentication (2 factor) if you are only serving a limited user population or if the data you are holding is particularly sensitive. Cookies can lead to session hijacking...
* Bounds checking of input data helps to avoid buffer overflows and SQL injection type attacks.
* Provide access to information on a Need to Know basis and always provide it with Least Privilege.
* Don't provide detailed error information to browsers, you don't expect your customers to debug your application, so don't give up that error message.
Leave a comment