Posts Tagged news

Yet another big company hit with SQL Injection problems (BT.com)

March 13, 2009

In last couple of weeks big companies have been attacked and are having big issues with SQL Injection. At this time British Telecom (bt.com) was the target company (see more info at here). Big companies such as Kaspersky , British Telecom and hundreds of others could easily fix these issues with a well-structured SDL process […]

"Second Life" is also victim of SQL Injection

February 12, 2009

According to Hacker’s Blog, the famous virtual world “Second Life” was susceptible to a SQL injection vulnerability that eventually led to customer’s data, including payment details. Although evidences are obfuscated enough to protect personal data, it is clear that a SQL injection flaw was used to obtain full access to their database under “Events” section […]

Yet another XSS bug to affect PayPal users

February 11, 2009

A recently published article on The Register has provided exclusive information about a cross-site scripting vulnerability (XSS) that affects PayPal web application and could be used as a phishing source against legitimate users. According to their report, an individual called “Fugitif” has uncovered the problem and provided evidences on how to exploit the vulnerability. As […]

« Older Entries