TMT legal update: cyber attacks on widely used application leaves web vulnerable - .PDF file.
IT security company Imperva has published a report in the September issue of its Hacker Intelligence Initiative on what it believes to be a major security weakness in the coding make-up of PHP.
The PHP platform is an alternative to Microsoft’s Active Server Page technology and is mainly used on Linex web servers. It is by far the most popular web application development platform, used by websites such as Facebook, Yahoo, Baidu and Wikipedia.
The flaw relates to several predefined variables in PHP available in all scopes throughout a script, known as ‘PHP SuperGlobals’. PHP SuperGlobals are a prime target for hackers as they yield a high return on investment, with sophisticated hackers increasingly exploiting these variables to break application logic and compromise servers resulting in fraudulent transactions and data theft…
If you are registered and logged in to the site, click on the link below to read the rest of the Eversheds briefing. If not, please register or sign in with your details below.