From a MSSP side, we are seeing more attempts of this type of attack. Anyone concerned with this type of attack (anyone with an ecommerce presence) should consider the CONSISTENT use of a Web Application Security Scanning tool. If you are concerned testing tools can't do the job or will "miss" vulnerabilities, evaluate the Application Security Gateways, they can stop attacks of these type 99.9999% of the time.

Adam Mikrut

CTO

DigitalStakeout, LLC

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/newsbriefs/18/18#18