Poisoning Pigeons In The Park
1,000,000 is a fairly large number.
And, it is estimated, that is the number of legitimate Internet (web)pages that were infected (and rigged to attack your computer) by one (group of ?) hacker(s) using one automated tool… in just one month. One “attack”. (Of many.)
Yes.. the Internet. Where everyone plays nice.
For those interested: Latest SQL Injection Campaign Infects 1 Million Web Pages
“Another SQL injection campaign is literally going viral, with some 1 million URLs possibly infected.
The SANS Internet Storm Center over the weekend counted some 1,070,000 URLs injected with the so-called lilupophilupop.com malware. That’s up from 80 pages it had found in early December, according to SANS ISC handler Mark Hofman..”
What can you do? The programs on your computer need to be fully “patched” with the latest updates, as exploiting weaknesses (in your software) is a primary method hackers use to attack/infect your machines. You visit a website that they’ve ‘poisoned’, and if you have an unpatched ‘hole’ [aka “vulnerability”], bingo! – you’re infected.
How do you know if you have the latest updates? For all your installed programs? Do you think you are patched? Don’t guess. Be sure!
Today’s free download: Secunia offers a tool that I highly recommend. The online scanner (which you should bookmark, btw) will scan your machine for roughly 100 programs and tell you if there is a patch/update you need. If you go this route, I suggest you visit once or twice a week.)
Better yet, they offer a download, a Personal Edition, which will scan your system against a database of over 7,000 programs.
Even better yet, it includes direct download links to the missing patches it finds.
As for the weird title to today’s post.. well, something I heard many, many years ago popped into my thoughts… not sure the “why” of it…
Copyright 2007-2011 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.