Website Compromises

New mass SQL injection attack could be forming

December 02, 2011

Based on a Google search of a malicious SQL string being used, more than 4,000 websites have been infected in less than 24 hours.
 

Occupy St. Louis sympathizer hacks mayor's website

November 10, 2011

A person supportive of the Occupy Wall Street movements sweeping the nation has hacked into the website belonging to the St. Louis mayor, defacing it and publicly exposing contact information and emails.
 

Thousands of WordPress sites sucked into BlackHole

Darren Pauli, editor, SC Magazine, Australia/New Zealand November 01, 2011

Hackers have compromised a huge number of sites hosting WordPress blogs because of a vulnerable image script.
 

New exploit toolkit not so nice

October 11, 2011

At least 10,000 websites have been compromised to redirect users to a new exploit toolkit, called "Nice Pack," according to researchers at Dell SecureWorks. Nice Pack, discovered Wednesday, attempts to take advantage of flaws in users' third-party apps, such as Java and Adobe, to install the "Zero Access Trojan," a rootkit that allows attackers to take control of a victim's machine. Though researchers are still looking into the threat, they have discovered that the JavaScript on compromised sites is nearly identical to the malicious code recently found on MySQL.com, which was infected to redirect users to the Black Hole exploit toolkit.
 

"Sophistication" and the downfall of security

September 28, 2011

Hiding the facts behind a cyberattack only stands to benefit the criminal.
 

Harvard site back online after "sophisticated" defacement

September 27, 2011

The home page of Harvard University was hacked by pro-Syria supporters in a "sophisticated" attack, but at least one security expert is skeptical of just how advanced the compromise could have been.
 

MySQL.com hacked to distribute malware

September 26, 2011

Visitors to MySQL.com on Monday were greeted with a drive-by download that attempted to silently install malware on their machine.
 

GlobalSign discovers "isolated" web server compromise

September 13, 2011

Certificate authority GlobalSign has discovered that the web server hosting its site was compromised by hackers.
 

Lady Gaga website hacked to expose users' data

July 18, 2011

The personal information belonging to thousands of Lady Gaga fans was stolen after hackers breached the singer's U.K. website.
 

Hackers steal 1.27M email addresses from Washington Post site

July 08, 2011

Hackers broke into The Washington Post's jobs website late last month and stole approximately 1.27 million user IDs and email addresses, the newspaper disclosed Thursday. No passwords or other personal information was affected. Attackers leveraged a security vulnerability on the site to break in twice, on June 27 and 28. The newspaper has since fixed the flaw and implemented additional unspecified security measures to ensure a similar incident does not recur. Affected individuals may receive an increase in spam and phishing messages as a result of the hack, The Washington Post warned.
 

Hacker group LulzSec targets FBI partner InfraGard

June 06, 2011

On the heels of successful infiltrations at PBS and Sony, a vigilante hacker collective has compromised the website of the Atlanta chapter of InfraGard, an FBI partner organization.
 

Data belonging to Honda customers in Canada stolen

June 01, 2011

The personal data belonging to Honda and Acura customers in Canada was stolen after attackers accessed the information off the companies' e-commerce sites.
 

"LulzSec" uses zero-day on PBS, promises more attacks

May 31, 2011

There is a new cybervigilante group in town, and its name is LulzSec. Its technical ability became known over the weekend with the infiltration and subsequent defacement of PBS.org.
 

Hackers disclose SQL injection of Barracuda website

April 11, 2011

Hackers revealed Monday that they exploited an SQL injection vulnerability on the website of Barracuda Networks to steal the names and contact information of partners, end-users and Barracuda employees.
 

Two more Comodo resellers "owned" in SSL hack

March 30, 2011

Comodo has confirmed that two additional registration authorities affiliated with the company also were compromised in a highly publicized SSL certificate fraud attack disclosed last week.
 

Oracle's MySQL.com hacked via SQL injection

March 28, 2011

Hackers over the weekend compromised Oracle's MySQL.com customer website via SQL injection and posted a list of usernames and passwords online.
 

Group outlines web host's role in fighting malware

March 16, 2011

Web hosting providers must, at the very least, quickly respond to reports of customer sites that are infected, according to a new set of best practices from an anti-badware nonprofit.
 

eHarmony advice site hacked to expose user information

February 11, 2011

eHarmony has confirmed that a hacker recently gained access to a file containing user information, weeks after another popular dating site was compromised.
 

Dating site PlentyOfFish hacked to expose passwords

January 31, 2011

The credentials of nearly 30 million online daters are at risk following the exploit of a common website vulnerability. The exact circumstances of the incident remain in question.
 

Prominent government and education sites hijacked

January 14, 2011

A large number of legitimate websites have been infected to redirect users to spam websites.
 

Gawker breach prompts LinkedIn, Yahoo password resets

December 16, 2010

The recent theft of approximately 1.3 million account details from the servers of Gawker has prompted password resets at a number of popular websites.
 

Twitter spam campaign linked to Gawker breach

December 13, 2010

A massive spam campaign that has rapidly spread on Twitter has been linked to a recent security breach of online media company Gawker Media.
 

New Internet Explorer bug found in the wild

November 03, 2010

Microsoft on Wednesday warned of a fresh flaw in Internet Explorer that researchers at Symantec found was being exploited on a legitimate website.
 

Firefox zero day being exploited in the wild

October 27, 2010

Cybercriminals are exploiting a "critical" zero-day flaw in Mozilla's Firefox web browser to distribute malware, security firms are warning.
 

Iranian Cyber Army shifts efforts toward malware, botnets

October 25, 2010

A hacker group responsible for defacement attacks against Twitter and Baidu now appears to be amassing a mighty botnet, according to researchers at a security firm.
 

Cache of stolen FTP credentials discovered

September 15, 2010

Security researchers recently stumbled upon a malicious website that housed a cache of stolen FTP credentials.
 

Symantec secures its vulnerable "Hack is Wack" site

September 07, 2010

Security giant Symantec said it has secured its "Hack is Wack" contest website after researchers discovered it was riddled with vulnerabilities.
 

Network Solutions refutes how many sites widget affected

August 18, 2010

A widespread web attack that hit domains parked at web hosting provider Network Solutions affected far fewer domains than previously estimated.
 

Up to five million parked domains served malware widget

August 16, 2010

An estimated hundreds of thousands to millions of Network Solutions parked domains were actively serving malware to visitors due to an infected widget, according to researchers at a security firm.
 

Researcher demonstrates Twitter XSS vulnerability

June 24, 2010

A Twitter user has demonstrated a cross-site scripting (XSS) vulnerability on the microblogging platform that could allow an attacker to take over users' accounts or spread malware.