The details of 3 major identity theft breaches came to light today with the release of the federal indictment of Albert Gonzalez. It turns out that the main entry point was a SQL injection vulnerability. The indictment states that a SQL injection vulnerability was exploited and used to install malware on the target network. The indictment doesn't give any details of the technique that was used to leverage the SQL injection vulnerability to install the malware. I have my theories. Here are some potential ideas:
I would be interested in other ways people know of to leverage a SQL injection vulnerability to execute code. Once an attacker has the tiniest foothold through a perimeter, it can often be leveraged to compromise an entire organization. That is why public-facing web applications are critical to secure. They are on the front-line perimeter of your organization and demand the same care you would put into locking down your firewall, mail server, or VPN. Thinking that attackers who find a web vulnerability will only be able to manipulate web transactions deprioritizes the risk inappropriately. Sometimes a web vulnerability gives them the whole enchilada.
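To make the foothold concrete, here is an added example (not from the post or the indictment) showing the defect class in question beside its fix: a lookup that concatenates user input into SQL text, next to the same lookup with a bound parameter. The `customers` table and its rows are constructed sample data, and sqlite3 is used so the snippet runs offline.

```python
import sqlite3


def build_db():
    # Constructed sample data for the demo; not a real schema from the post.
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE customers (id INTEGER PRIMARY KEY, email TEXT, card_last4 TEXT)"
    )
    conn.executemany(
        "INSERT INTO customers (email, card_last4) VALUES (?, ?)",
        [("alice@example.com", "1234"), ("bob@example.com", "5678")],
    )
    conn.commit()
    return conn


def lookup_vulnerable(conn, email):
    # Untrusted input is spliced into the SQL text, so it can change the
    # structure of the statement rather than just supplying a value.
    sql = "SELECT email, card_last4 FROM customers WHERE email = '" + email + "'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, email):
    # A bound parameter keeps the statement fixed; the input is only ever data.
    sql = "SELECT email, card_last4 FROM customers WHERE email = ?"
    return conn.execute(sql, (email,)).fetchall()


def demo():
    # A malformed email with a stray quote and tautology: the vulnerable query
    # returns every row, the parameterized one correctly matches nothing.
    conn = build_db()
    hostile = "nobody@example.com' OR '1'='1"
    return {
        "vulnerable": lookup_vulnerable(conn, hostile),
        "parameterized": lookup_parameterized(conn, hostile),
        "legit": lookup_parameterized(conn, "alice@example.com"),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name}: {rows}")
```

The same contrast applies to any driver that offers bound parameters; the fix is structural (fixed statement, data passed separately), not input filtering.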