The SANS report also found an increase in vulnerabilities allowing direct access to databases, data warehouses and backup data, especially software from Oracle Corp. And SANS found a continuing increase in file-based attacks, particularly those using media and image files, such as the WMF. "In addition, we have seen a major upsurge in attacks using flaws in programs that process media files, such as Apple QuickTime/iTunes, Windows Media Player, RealNetworks RealPlayer, Macromedia Flash Player and Nullsoft Winamp," the report said.