Security Vendor susceptible to SQL Injection

February 9, 2009

According to Hacker’s Blog article on 07-Feb-2009, Russian’s desktop security vendor “Kaspersky” was target of a successful SQL injection attack where an individual was able to retrieve sensitive data such as SQL user’s control table (apparentely a well-known MySQL’s user table containing administrative passwords). The Russian company denies that sensitive customer data was leaked as […]