BitDefender Partner Site Hit by Hackers

Wed, Feb 11th, 2009

Hackers elicited customer details from a Portuguese partner site associated with the security company BitDefender, the second intrusion in recent days targeting computer security companies.

The details are posted on hackersblog.org, which publishes information on security problems but says it will notify Web site operators and not reveal sensitive data.

The hackers used a form of a SQL injection attack to reveal personal details and e-mail addresses. SQL injection, one of the most common types of attacks, involves inputting commands into Web-based forms or URLs (Uniform Resource Locators) in order to return data held in back-end databases.

A 2006 survey by the Web Application Security Consortium of 31,373 sites found more than 25 percent were vulnerable to SQL injection, with more than 85 percent vulnerable to cross-site scripting attacks.

Our system thought this story was mainly about: Hackers, Sql Injection
Have different ideas? Please tell us.
Share with friends if you like this page:
No comments yet.