BusinessWeek hit by hackers

By

The website of BusinessWeek has been hacked in an attempt to infect the visitors with malware.


The website of BusinessWeek has been hacked in an attempt to infect the visitors with malware.

According to research by Sophos, hundreds of web pages in a section for MBA students to find employment have been affected. The hackers used an SQL injection attack to infect the pages with code that tries to download malware from a Russian web server.

Although the Russian website was down and not delivering further malicious code at the time of the Sophos research, it claimed that it could be revived at any time as the hackers' scripts are still present and active on their site.

Brett Myroff, CEO of regional Sophos distributor, Sophos South Africa, said: “While it is concerning when any site suffers a malicious SQL injection attack, the stakes are even higher when it is one of the 1000 busiest websites on the Internet.

A potentially large number of people visiting the site and accessing information may be putting their finances or personal data at risk if they are not properly protected.

“Companies hit by SQL injection attacks need to move fast to not only remove the malicious scripts, but also to ensure they do not get infected again.

Companies with websites that have been struck by such an attack often clean-up their database, only to be infected again a few hours later.

“The latest BusinessWeek attack should alert all businesses to the importance of ensuring their Web sites are fully protected against attacks, and that all vulnerabilities are patched.”

See original article on scmagazineus.com
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
businessweekbyhackershitsecurity

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames
Victoria's Secret pulls down website amid security incident

Victoria's Secret pulls down website amid security incident
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?