Researchers at Core Security Technologies have donned their black hats and are preparing a presentation about <A HREF="http://www.eweek.com/article2/0,1895,2164067,00.asp?kc=EWKNLNAV073107STR1">a new database attack vector</A> that relies solely on the inherent characteristics of the indexing algorithms.
The attack, which will be demonstrated Aug. 1 against the MySQL database engine at Black Hat USA in Las Vegas, affects database management systems using BTREE, the popular database indexing algorithm and data structure. Traditionally, database security breaches are mostly due to the abuse of wrongly configured authorization and actual control permissions or the exploitation of bugs in front-end Web applications through SQL injection, said Core Security Chief Technology Officer Ivan Arce.
Recent Articles
-
Why a server-based anti-spam solution might be a good idea
-
Hosted email security with GFI MailEssentials Complete Online
-
Send your holiday emails from Outlook while keeping that personal touch
-
Welcome to the ZATZ Studio
-
Video: SmartSchedules can overcome some of Outlook’s limitations
-
Open question: what would you like to see us cover?
-
How the Epsilon breach might cause real security problems
-
Status report: migrating ZENPRESS to a new platform
From Our Sponsor
