RSS Alerts

Share

More services

Related Stories

  • Interview: Hord Tipton of (ISC)²
    Within only a minute of sitting down with Hord Tipton, executive director of (ISC)², our own Eleanor Dallaway knew that the hour she had booked with him would not be adequate. You see, it’s impossible to capture the true essence of a man with a career that many can only dream of in 60 minutes. While they may have been short for time, Tipton certainly wasn’t short on stories
  • You Dirty, Shady RAT
    The latest APT to come to light is what McAfee has dubbed ‘Shady RAT’. But the folks at Kaspersky have voiced some objections. Drew Amorosi examines the threat…and the controversy
  • A Rotting Security Apple?
    Vendors, analysts, and commentators alike have long predicted a surge in malware affecting Apple’s products. Yet, until recently, these prognostications have failed to materialize. Drew Amorosi examines recent malware threats to Apple’s OS X operating system to find out if this is an anomaly, or a sign of things to come
  • Weekly brief, January 18 2010
    Infosecurity rounds up the security news from the past week.
  • Using Information Security to Protect Critical National Infrastructure: Energy Sector is Hackers’ Biggest Target
    The oil and gas industries are natural targets for cyber-criminals due to sensitive data and very deep pockets. With the introduction of newer IT technologies, such as wireless and even social networking, the jobs of the information security teams are not getting any easier. John Sterlicchi reports

Top 5 Stories

News

Kaspersky site hacked over weekend

04 February 2009

Anti-malware vendor Kaspersky's site was hacked over the weekend, using an SQL injection attack. While admitting that the site was vulnerable, Kaspersky is denying that the vulnerabiity was critical. The hacker nevertheless listed what he said was the full set of tables from the firm's MySQL database.

A post on a hacking blog claimed to show images of the site being hacked by changing parameters in the URL.

"Kaspersky is one of the leading companies in the security and antivirus market. It seems as though they are not able to secure their own data bases," said the poster. "Alter one of the parameters and you have access to EVERYTHING: users, activation codes, lists of bugs, admins, shop, etc."

"A vulnerability was detected on a subsection of the usa.kaspersky.com domain when a hacker attempted an attack on the site," the company responded in a statement over the weekend. "The site was only vulnerable for a very brief period, and upon detection of the vulnerability we immediately took action to roll back the subsection of the site and the vulnerability was eliminated within 30 minutes of detection. The vulnerability wasn’t critical and no data was compromised from the site."

This article is featured in:
Internet and Network Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012