Browsing tag

SQL injections

Critical SQL injection vulnerability affecting phpMyAdmin

Vulnerability testing specialists reported finding a security flaw in phpMyAdmin, one of the world’s most widely used MySQL database management applications, present in multiple versions of the tool (from 4.7.7 to 4.9.2). According to the report, this is an executable SQL injection vulnerability through the designer function using a username specially created for […]

Critical SQL injection vulnerability in a Starbucks enterprise database

A website security specialist dedicated to bug reporting helped fix a critical SQL injection flaw affecting an enterprise database at the famous coffee chain Starbucks. The flaw could have exposed confidential financial and accounting data. Thanks to his discovery, expert Eugene Lim (also known as ‘spaceraccoon’) received a $4,000 bounty, paid through Starbucks’ vulnerability […]

MongoDB security – Injection attacks with PHP

Before we move on to MongoDB injections, we must understand what exactly MongoDB is and why we prefer it over other databases. As MongoDB does not use SQL, people assumed it is not vulnerable to any kind of injection attack. But believe me, no one is born with inbuilt security aspects. We have to […]

How a security pro’s ill-advised hack of a Florida elections site backfired

Whistleblowing is overshadowed when SQL injection gives way to unauthorized access. A Florida man has been slapped with felony criminal hacking charges after gaining unauthorized access to poorly secured computer systems belonging to a Florida county elections supervisor. David Michael Levin, 31, of Estero, Florida, was charged with three counts of unauthorized access to a computer, […]

Bangladesh Bank Says Hackers Stole Its Money from US Federal Reserve Account

Federal Reserve officials deny the incident took place. Serious accusations have been made today by Bangladesh’s central bank, which has said that hackers breached its US Federal Reserve account and stole a large amount of money. The allegations were made by Bangladesh officials after central bank employees noticed that a large chunk of their funds went […]

Faithless Website Breached via SQL Injection, Fans Data Stolen

Data for 18,000 users stolen in the incident. The website of the British EDM band Faithless has been breached and the personal information of over 18,000 fans stolen by an as yet unknown assailant, The Independent reports after being notified by cyber-security vendor CyberInt. Last September, CyberInt security experts discovered a listing on the Dark Web containing a database […]

Yahoo Launches Gryffin, a Web Security Scanning Platform

Yahoo’s developers have open-sourced Gryffin, a security scanner for Web content, specifically designed to cut down the number of false positives and also work at very large scales. Yahoo has a history of releasing weird open-source projects that eventually become industry favorites. You know, projects like YUI!, Pure, and Hadoop, which were at first considered […]