|
Home > News > Tags > SQL injection
|
|
30
Stories about: SQL injection |
|
|
More: next 50 >>
Researchers from the Vulnerability Lab found a high-risk SQL Injection vulnerability in Joomla’s com_mobile component. The security flaw discovered in the popular content management system’s (CMS) component allows a remote attacker to inject his own SQL commands on the affected application’s databa... |
23 January 2012
04:38 GMT |
 |
|
Researchers from the Vulnerability Labs discovered a number of critical SQL Injection (SQLI) vulnerabilities on the official website of the Dusseldorf International Airport, one of the most important airports in Germany’s most important economic region.
The vulnerabilities, if unpatched, could have allowed an ... |
19 January 2012
08:30 GMT |
|
|
About a month ago, researchers from the Internet Storm Center (ISC) noticed an ongoing SQL attack and dubbed it lilupophilupop because it redirected users to a domain with that name, but since at the time there were only 80 or so infected webpages, no one gave the incident much thought. Now, the number of victims inc... |
4 January 2012
09:56 GMT |
|
|
After the First National Bank of Long Island and the BCD Credit Union were found to be vulnerable by the members of the p0isAnon alliance, now the British Airways Employees Federal Credit Union joins the list of victims. Initially, Operation Robin Hood planned to go after banks, but now they reached the conclusion t... |
7 December 2011
10:25 GMT |
|
|
Hackers of Sector 404, a group that claims to be working under the Anonymous trademark, managed to breach the Spanish website of the United Nations’ Refugee Agency ACNUR (acnur.org), by making use of a vulnerability that could be found on one of the pages where customers can request information. As a result of... |
2 December 2011
05:54 GMT |
|
|
Globe and Mail, a nationally distributed Canadian newspaper, suffered a security breach that affected their Classroom website, a few hundred of their members remaining exposed.
The Online Classroom Edition of The Globe and Mail is a site that addresses teachers and students across Canada, but as it turns out, everyo... |
29 November 2011
06:05 GMT |
|
|
In order to prove me wrong and to show they’re still able to pull off a hacking operation, the hacktivists behind Operation Robin Hood revealed the vulnerabilities present in the website of the First National Bank of Long Island. “I wanna say, that, we TeaMp0isoN pulled off any project we started, sooner... |
29 November 2011
04:11 GMT |
|
|
A hacker whose hat is gray claims that he found multiple vulnerabilities in the website of University of Melbourne but even after informing the site administrators multiple times, they failed to patch up the issues.
The website is down and even though its owners blame the shut down on maintenance procedures, accordi... |
17 November 2011
10:43 GMT |
|
|
Researchers warn users that critical vulnerabilities were discovered in Symphony CMS 2.2.3, possibly affecting the previous versions. Security Focus informs us that some variants of the XSLT-powered open source content management systems are affected by several XSS and SQL Injection weaknesses that could allow an at... |
2 November 2011
03:34 GMT |
|
|
Almost a quarter of all cyber masterminds prefer to use DoS or DDoS attacks, while 19% rely on SQL injections to complete their evil missions.After doing some digging on a popular hacker forum, the guys at Imperva came up with a report called "Hacker Intelligence Initiative, Monthly Trend Report", that shows these ar... |
18 October 2011
03:14 GMT |
|
|
The website of a highly popular newspaper from Venezuela and others have been altered with a piece of code that can compromise the integrity of databases.
Websense Security Labs informs us that the site was compromised on September 19 with a script that looks something like “dfrgcc.com/ur.php”.
Aft... |
21 September 2011
04:40 GMT |
|
|
Nokia has warned members of its developer community that their email addresses and possibly other information have been compromised during a recent security breach.The intrusion occurred when a hacker calling himself "pr0tect0r" exploited an SQL injection vulnerability on Nokia's discussion forum for developers.... |
30 August 2011
05:41 GMT |
|
|
The Ruby on Rails development team has released security updates for several versions of the web application framework in order to address serious vulnerabilities.The newly released 2.3.14, 3.0.10 and 3.1.0RC6 versions address a SQL injection flaw in the quote_table_name method which could be exploited to inject arbi... |
18 August 2011
08:26 GMT |
|
|
A group of gray hat hackers claim to have identified a critical SQL injection vulnerability in the website of Dukascopy Bank SA, a company that runs a Swiss foreign exchange marketplace."Dukascopy offers direct access to the Swiss Foreign Exchange Marketplace (SWFX). This market provides the largest pool of ECN spot ... |
7 July 2011
05:11 GMT |
|
|
Hackers have identified vulnerabilities on Apple websites which gave them access to the data stored in the underlying databases.Yesterday, the Anonymous collective disclosed an SQL injection vulnerability found in a survey script hosted on the Apple Business Intelligence (abs.apple.com) website.The notorious group of... |
4 July 2011
03:48 GMT |
|
|
The website of the Public Broadcasting Service (PBS) was hacked for the second time in under a month by a hacker who wanted to prove that LulzSec are not very skillful.The hacker, who uses the online handle of Warv0x, claims he exploited an SQL injection vulnerability that gave him access to the PBS.org databases.Lul... |
25 June 2011
03:10 GMT |
|
|
A Lebanese hacker who broke into several Sony web properties until now has leaked a list of email addresses allegedly extracted from the sonymusic.pt database.The hacker, who goes by the online handle of "Idahc," claims to have identified three vulnerabilities on the Sony Music Portugal website which facilitate SQL i... |
9 June 2011
07:56 GMT |
|
|
A hacker group called LulzSec claim to have compromised SonyPictures.com and gained access to its entire database of over one million accounts.The group announced late last week that is working on a new Sony hack, but later got distracted with their attack against PBS.org after the network ran a WikiLeaks documentary... |
3 June 2011
03:27 GMT |
|
|
Hackers managed to compromise the website of Comodo Brazil and extracted sensitive information about the company's SSL certificate customers.It seems the attack vector used in this case was SQL injection. A partial database dump was posted on pastebin.com Saturday together with information about the vulnerabilit... |
25 May 2011
00:06 GMT |
|
|
A hacker claims to have hacked Sony Ericsson's Canadian eShop and published data allegedly extracted from the website's database.The hacker, who goes by the handle of Idahc and says he's from Lebanon, has posted a partial database dump on pastebin.com."I am Idahc a Lebanese hacker and I am Back. I hack... |
24 May 2011
12:13 GMT |
|
|
The "Let's Hack Sony marathon" continues as hackers announced a new compromise of one of the company's websites and disclosed exploitable vulnerabilities affecting another.Hacking outfit LulzSec, which recently targeted FOX and stole the personal details of 250,000 X Factor USA auditionees, hacked into the ... |
24 May 2011
07:50 GMT |
|
|
Sony's security problems are not over and new security breaches seem to pop up every week. The latest one involves user information being leaked from the website of Sony BMG Greece.The incident was revealed over the weekend when someone publicly disclosed the stolen information of 8.385 users. However, the actua... |
23 May 2011
02:43 GMT |
|
|
A group of hackers has managed to break into the website of Web security firm Barracuda Networks and extract confidential information from its database.California-based Barracuda Networks specializes in email, Web and messaging security solutions. It sells firewall, filtering, archiving, backup, load balancing and ot... |
12 April 2011
10:21 GMT |
|
|
A recently announced mass injection attack dubbed LizaMoon is spreading rapidly and managed to infect over 1.5 million web pages in just a few days.The mass compromise was announced by Websense on Tuesday, at which time it had already affected some 28,000 pages and made its way onto iTunes.One interesting aspect of t... |
31 March 2011
12:16 GMT |
|
|
A new mass injection attack has infected over 28,000 pages and even made its way to iTunes according to security researchers from Websense.Dubbed LizaMoon, after the domain hosting the malicious code, the attack uses SQL injection techniques to insert a rogue script element.Users who land on one of the compromised pa... |
30 March 2011
03:54 GMT |
|
|
The Iranian hacker who compromised a Comodo reseller and used its credentials to obtain rogue SSL certificates for high-profile domains claims the original point of entry was an SQL injection vulnerability.When asked by Robert Graham, CEO of Errata Security, in an email exchange how he broke into the first machine at... |
29 March 2011
05:50 GMT |
|
|
The hackers who disclosed vulnerabilities in MySQL.com also published details about SQL injection flaws in older Sun Microsystems websites.Sun Microsystems was acquired by Oracle at the beginning of 2010 and its products were integrated into the latter's portfolio.However, given the sheer size of Sun many of its... |
28 March 2011
08:23 GMT |
|
|
Hackers have compromised the database of MySQL.com, as well as the French, German, Italian, Japanese and other localized versions of the website, ironically by exploiting an SQL injection vulnerability.A hacker calling himself Jackh4xo took credit for the compromise by reporting it on the popular Full Disclosure mail... |
28 March 2011
02:56 GMT |
|
|
The company operating the eHarmony.com online dating website has reset some account passwords after learning of a security breach on one of its systems.According to independent security reporter Brian Krebs, the company decided to take this proactive measure after a sale offer for the site's database appeared on... |
11 February 2011
02:51 GMT |
|
|
Security vendor Imperva warns that hackers are selling access to hacked websites and servers that belong to government, military and educational institutions. The company provides a screenshot of a list of compromised websites as advertised by the hacker, which contains information such as the level of access, the o... |
22 January 2011
04:42 GMT |
|
|
Omaha Public Schools, the largest school district in Nebraska, notified over 4,300 current and former employees that their information might have been compromised by hackers.The attack was discovered on December 21 and affected the database of the Omaha School Employees' Retirement System.The computer forensics ... |
17 January 2011
04:02 GMT |
|
|
CitySights NY, a company organizing sightseeing tours in New York, notified 110,000 former customers that their credit card details were compromised after unidentified individuals hacked its website.In a letter [pdf] to the New Hampshire Attorney General's Office, Twin America, CitySights' parent company, r... |
21 December 2010
04:57 GMT |
|
|
Savannah, the collaborative development platform maintained by the Free Software Foundation, was taken offline earlier this week after unknown attackers exploited an SQL injection vulnerability to compromise accounts.Savannah is running on Savane2, an open source software forked from the original SourceForge code aft... |
1 December 2010
04:57 GMT |
|
|
A hacker claims to have gained full access to the website of the British Royal Navy and the underlying database through an SQL injection attack.The public disclosure was made by a Romanian self-confessed security enthusiast who uses the online handle of "TinKode."The grey hat hacker specializes in finding Web vulnera... |
6 November 2010
06:26 GMT |
|
|
Experts claims the defacement of copyprotected.com was achieved through SQL injection, while other reports suggest the UK Conservative Party website might be next.Members of the notorious Anonymous collective hacked MPAA's copyprotected.com website yesterday and placed The Pirate Bay logo and the group's Op... |
16 October 2010
05:28 GMT |
|
|
Nine different Vodafone websites are vulnerable to cross-site scripting (XSS) vulnerabilities, while the UK one is affected by a more dangerous SQL injection flaw.XSS weaknesses were found on Vodafone.com, Vodafone.com.au, Vodafone.de, Vodafone.es, Vodafone.it , Vodafone.gr , Vodafone.ie , Vodafone.ro, Vodafone.com.t... |
30 September 2010
02:18 GMT |
|
|
A gang of hackers targeting infecting predominantly ASP and ASP.NET websites with malicious code, has launched a new attack that so far affected at least 1,500 domains."A large number of sites have been hacked again in the last few days with a malware script pointing to google-stat50.info (and google-stats50.info)," ... |
29 September 2010
02:18 GMT |
|
|
Tens of thousands of websites recently compromised in an injection attack, which employs some unusual obfuscation techniques, could start serving a malicious payload at any time.Security researchers from the SANS Internet Storm Center (ISC) warn of a new SQL injection-like attack, which has compromised a significant ... |
16 August 2010
08:02 GMT |
|
|
Unauthorized hackers have stolen customer information from New Zealand-based Hell Pizza, which also operates stores in Australia, England and Ireland. A database containing the sensitive data has been circulating within security circles since last year, without any confirmation of the breach from the company.Accordin... |
26 July 2010
09:04 GMT |
|
|
A group of Argentinian hackers have managed to obtain access to the user database and administration panel of The Pirate Bay by exploiting several SQL injection vulnerabilities. The exposed data involved user names, MD5 hashed passwords, e-mail addresses and IPs. The hacker who reported the attack goes by the name o... |
8 July 2010
00:20 GMT |
|
|
A known gang of hackers active on the Asian underground online gaming market is behind a new mass SQL injection attack that has infected thousands of pages. Attackers are targeting ASP and ASP.NET websites and exploit two critical Internet Explorer vulnerabilities to infect their visitors with a gaming trojan.Accordi... |
3 July 2010
04:29 GMT |
|
|
A government-run website promoting the OV-chipkaart smart card, which is currently being introduced in public transportation across The Netherlands, has been found leaking sensitive private information on over 168,000 passengers. A grey-hat hacker proved that he could access the name, address, birth date, phone numbe... |
18 May 2010
10:26 GMT |
|
|
A Lebanese greyhat hacker reports finding an SQL injection vulnerability in edimax.com. According to him, the flaw can be exploited to extract administrative credentials for all of the hardware manufacturer's websites. In an e-mail to Softpedia, a self-confessed security enthusiast, who goes by the online monik... |
17 April 2010
03:00 GMT |
|
|
A Lebanese hacker claims to have hacked Orange's regional website in Cote d'Ivoire (Ivory Coast) through SQL injection. The attack allegedly gave him access to the website's administration interface and information on almost 60,000 customers.Orange is the fifth largest telecom provider in the world wit... |
9 February 2010
09:15 GMT |
|
|
The website of the Center for Aerosol Research at NASA's Goddard Space Flight Center has been taken offline after a grey hat hacker demoed an attack on its database. The SQL injection exploitation had to be performed manually and was unusually hard to pull off, according to the attacker."I want to say that it wa... |
25 January 2010
10:51 GMT |
|
|
A Lebanese hacker is taking credit for a security breach on the PEO Soldier Army website. By exploiting an SQL injection vulnerability, he allegedly obtained full access to the underlying database and the information contained within.After we recently reported about a Proof-of-Concept attack performed by a Romanian g... |
13 January 2010
04:28 GMT |
|
|
A Romanian grey hat hacker has disclosed an SQL inject (SQLi) vulnerability on a website belonging to the United States Army, which leads to full database compromise. The website, called Army Housing OneStop, is used to provide information about military housing facilities to soldiers. The Army Housing OneStop (AHOS... |
9 January 2010
07:14 GMT |
|
|
A hacker has discovered an SQL injection flaw in a website owned by Intel. According to the attacker, the vulnerability can be exploited to access sensitive information, including credit card details, stored in the underlying database.The proof of concept attack was demoed by a prominent self-confessed white hat hack... |
22 December 2009
15:01 GMT |
|
|
Security researchers from Vietnamese security vendor Bach Khoa Internetwork Security (Bkis) have identified a new mass injection attack that so far infected almost 180,000 websites with rogue <script> tags. The majority of affected sites are Chinese and many of them are in the gov.cn or edu.cn domain namesp... |
17 December 2009
05:10 GMT |
|
|
Security researchers have detected a new mass injection attack that has compromised over 130,000 websites so far. A rogue IFrame is used to exploit visitors and infect their computers with a banking trojan.The attack apparently began in late November and has grown at a steady pace since then. A Google search for the ... |
11 December 2009
06:53 GMT |
|
More: next 50 >> |
|
|
Find us on Google+
