-
- SophosSupport: New Sophos Complete Security Suites: endpoint, data, email, web, mobile & groupware protection—on one license: http://t.co/13FVvp42about 2 hours ago
- SophosSupport: Scheduled Downtime. SophosTalk may be down for up to 2 hours today May 16, 2012 between 12:01am & 4:00am PDT (GMT -7:00) for scheduled work.about 2 hours ago
- gcluley: RT @NakedSecurity: Global Payments breach continues to bewilder, accusations abound http://t.co/AI64bgeeabout 3 hours ago
- duckblog: Congrats to #sophospuzzle winners at #auscert - David Zielezna and Phil Kernick - one prize still open to all online.about 5 hours ago
- duckblog: #sophospuzzle Stage 2 hint/discovery: if using simulation, even C's rand() with just 100,000 sample hands is about good enoughabout 11 hours ago
SQL Injection
Anonymous and LulzSec trawl Google Code search for security holes
A new report suggests that Google's Code Search is being used by groups such as LulzSec and Anonymous to find passwords and other private data, gain access to secure networks and decide who their next victim should be.
Nokia developer network site hacked - personal information accessed
Nokia shuts down its developer network forum after a hacker accessed members' records.
Anonymous hacks BART, creating even more innocent victims
Anonymous have continued their attacks today targeting the website myBART.org part of the San Francisco Bay Area Rapid Transit system. They claim it is in retaliation for a police shooting earlier this summer and the recent mobile phone blackout implemented to prevent organized protests.
Sony Portugal latest to fall to hackers
Sony Music Portugal is the latest Sony asset to be targeted by hackers. Is there light at the end of the tunnel? Are there other Sony websites that are still flawed?
Sony Europe hacked by Lebanese hacker... Again
Updated with information on 14th attack against SonyPictures.RU. Sony was hacked for the 13th time, this time exposing usernames, passwords, work emails, mobile phones and web site information on 120 Sony Europe users.
PBS.org hacked... LulzSec targets Sesame Street?
Public Television in the United States is the latest organization to suffer a data loss incident. What motivates these criminal data breaches? Is any organization off limits?
Sony Ericsson acknowledges Canadian e-commerce site hacked
Sony Ericsson is the latest Sony property to be compromised through a SQL injection attack. Over 2,000 password hashes, email addresses and full names were disclosed. This is the tenth hack in 5 weeks, will Sony stop bleeding our data soon?
Sony Music Japan hacked through SQL injection flaw
Sony Music Japan has been hacked by a group known as Lulz Security. The latest breach did not expose sensitive user details, but adds to the growing list of Sony websites vulnerable to SQL injection attacks.
Sony BMG Greece the latest hacked Sony site
Another Sony website has succumbed to an attack disclosing personal details of Sony customers. SonyMusic.gr was attacked through SQL injection and information disclosed on pastebin.com.
What's the deal with the Lizamoon SQL injection?
There has been a large amount of press in the last few days regarding "Lizamoon", the name being given to an attack which resulted in malicious code being injected into a large number of websites.
MySQL.com and Sun hacked through SQL injection
Proving that no website is ever truly secure, it is being reported that MySQL.com has succumbed to a SQL injection attack.
ClassicCars.com hacked by Indonesian hackers
An analysis of the defacement of classiccars.com. Find out how to secure your site against attack and some of the techniques used by our adversaries.
CanSecWest 2010 Day 1
As a Vancouverite it always seemed to be a bit of a shame that I have never attended a CanSecWest conference. This year I am here, the 11th annual CanSecWest conference, and I would like to thank Dragos Ruiu for Read more…
Barack's donor data may be safe, but site was not properly secured
On Monday this week I reported on donate.barackobama.com being hacked. While Blue State Digital and the Democratic Nationinal Committee may disagree, I stand by the statement. It was clear that something was incorrectly configured, whether the data that was exposed Read more…
Barack Obama hacked by SQL injection
This story has been updated with content that supersedes much of the original content. Updates are found at the bottom of the story Hackers disclosed this morning that they have been able to compromise BarackObama.com through a SQL injection attack. Read more…
Avoiding SQL injection attacks
One of the reasons the web is so popular with attackers today is that innocent sites can be compromised and used to infect large numbers of victims.
The best solution is to avoid getting hit in the first place.
Wrong kind of 'accident and emergency'
We have blogged about the recent SQL injection attacks a few times recently [1,2]. Though we have not mentioned it in the last few weeks, the problem has certainly not gone away. We are still seeing large numbers of sites Read more…
