A self-proclaimed grey-hat hacker has located a critical SQL injection vulnerability in a website belonging to security giant Symantec. The flaw can be leveraged to extract a wealth of information from the database including customer and admin login credentials, product serial numbers, and possibly credit card information.The flaw was found by a Romanian hacker going by the online handle of Unu, according to whom an insecure parameter of a script from the pcd.symantec.com website, allows for a blind SQL injection (SQLi) attack to be performed. In such an attack, the hacker obtains read and/or write permission to the underlying database of t... [read more >>] Internet users resolving DNS requests through the OpenDNS were not able to access pages on the Ebay UK website yesterday. The problem was caused by a bogus entry in the phishing filter used by the service.The reports started flowing in around last night, when many users trying to access any page starting with http://cgi.ebay.co.uk received a "Phishing Site Blocked" error. "Phishing is a fraudulent attempt to get you to provide personal information under false pretenses. We prevented you from loading this page as part of our safer, faster, and smarter DNS service. […] Powered by OpenDNS," the message read.The problem lasted for about ... [read more >>] Multiple vulnerabilities discovered in the website of a UK-based company called OnlineFX, which conducts foreign exchange services, can be exploited to extract highly sensitive data from the underlying database. Credit card details and customer information are possibly compromised.According to its own website, OnlineFX is a financial company based in central London and offers foreign currency exchange at low rates, bank money transfers to over 70 countries, as well as IT, marketing and corporate services. The onlinefx.co.uk flaws were disclosed by Romanian grey hat hacker Unu, who specializes in finding SQL injection vulnerabilities in high... [read more >>] Users of the LiveJournal blogging platform were the target of a malicious attack on Tuesday, when a social networking worm that spread by simply viewing an infected post was released on the website. The malware stole email addresses and made private blog entries accessible to everyone. The LiveJournal staff has posted a detailed announcement describing the attack, which is said to have only lasted for less than two hours. As a result, the ability to embed video files into blog entries has been suspended, but has since been restored for a few trusted services such as YouTube. The social networking worm propagated through an embedded flash v... [read more >>] RBS WorldPay is currently banging heads with a grey hat hacker over the seriousness of SQL injection vulnerabilities that he discovered on its websites. Meanwhile, another web developer exposed a cross-site scripting weakness in a site belonging to the company in order to prove that its efforts to mitigate XSS are not only inefficient, but also misguided.A prominent grey hat hacker calling himself Unu, who has made a habit of revealing SQL injection vulnerabilities in high profile websites since the beginning of this year, is contesting RBS WorldPay's assertion that a recent flaw he reported could have not been used to access sensitive... [read more >>] A Web worm that spreads by exploiting a vulnerability in older versions of WordPress has put the blogosphere in alert mode. Once it compromises a vulnerable installation, the worm begins to taint older blog entries with malicious links and, in some cases, it can even destroy data. Reports of hacked, WordPress-powered blogs started flowing in since late last week, and there seems to be some tell-tale signs of a possible compromise. According to Lorelee's blog about blogging, this worm modifies the structure of WordPress pretty permalinks to something like example.com/category/post-title/%&({${eval(base64_decode($_SERVER[HTTP_REFERER]))... [read more >>] Websites belonging to several large European banks, such as ING, Dexia and HSBC, have been hacked through SQL injection. These proof-of-concept attacks reveal poor security practices on behalf of institutions that people entrust with their life savings.The security issues have been discovered by Romanian self-confessed grey hat hacker "Unu," who has received a fair amount of media attention this year due to the high-profile nature of his targets. Some of his recent discoveries include SQL injection vulnerabilities in websites belonging to the UK Parliament, Yahoo!, The Telegraph or Orange France. The first reported vulnerability was discove... [read more >>] A hacker broke into the database of the UK Parliament website by exploiting an SQL injection vulnerability. The incident reveals very poor and questionable password security practices on behalf of the website administration.The security hole on parliament.uk was discovered by a Romanian greyhat hacker going by the online handle of "Unu," who has made a habit of testing high profile websites for similar bugs. Unu's "hit list" so far includes the websites of large antivirus vendors Kaspersky, BitDefender, F-Secure, Symantec, renowned newspapers, such as The International Herald Tribute and The Telegraph or big ISPs, like British Telecom,... [read more >>] The Apache Project's Infrastructure Team was forced to take its primary servers offline yesterday, after discovering that unknown hackers uploaded and executed malicious code on them. The attackers apparently used a stolen SSH authentication key associated with a backup account to break in. The attack started during the evening of August 27 and targeted the minotaur.apache.org aka people.apache.org server. According to the Apache team, this is the "seed host for most apache.org websites" and also hosts accounts for all developers. The perpetrators logged in to the server running FreeBSD 7-STABLE using the SSH key corresponding to an ... [read more >>] Facebook was the target of two independent and non-related phishing attacks through its applications service. Two security experts discovered, investigated and reported these attacks to the social network's admins, who took all the protection measures. The first one was reported by Christopher Boyd and was an application called Customer Dispute. The application link did not open an actual app page, but managed to clone a Facebook URL (apps.facebook.com/customer_dispute/ ). Instead of the standard application install screen, it printed a “404 – Page not found” error. The detail that triggered Mr. Boyd's interest ... [read more >>] | 
RSS
