Telstra reveals Pacnet security breach
An SQL injection attack allowed third party access to Pacnet’s corporate IT network on 3 April, less than a fortnight before the company's sale to Telstra was finalised on 16 April, the telco revealed today.
An SQL injection attack allowed third party access to Pacnet’s corporate IT network on 3 April, less than a fortnight before the company's sale to Telstra was finalised on 16 April, the telco revealed today.
For all the advances in enterprise networking over the years there's been one big step backward: security testing. Relatively few enterprises today conduct regular security tests in-house, relying instead on occasional tests by outside consultants or, more dangerously, just taking vendor claims at face value.
Hackers are in the midst of a massively successful SQL injection attack targeting websites built on Microsoft's ASP.Net platform. About 180,000 pages have been affected so far, <a href="http://www.networkworld.com/topics/security.html">security</a> researchers say.
The websites of Kellogg’s, Nutri-Grain, Vogel’s and Specialty Cereals were hit in a string of mass defacements on Sunday.
The Western Australian Government came under attack from hackers who defaced nine of its websites in two days, including the Government House and the City of Perth earlier this month.
I know that chances are no one rushed to remove all SQL injection vulnerabilities from their Web applications after I warned in my column last month how serious they can be.
This week's disclosure that the huge data thefts at Heartland Payment Systems and other retailers resulted from SQL injection attacks could finally push retailers into paying serious attention to Web application security vulnerabilities, just as the breach at TJX focused attention on wireless issues.
Mozilla last week issued the first patch for Firefox 3.5, fixing a flaw that went public Monday. One noted contributor had called the flaw a "self-inflicted" vulnerability.
The Office of Film and Literature Classification Web site has been defaced by what appears to be a group opposed to the government censorship.
Running a secure Web site means more than just guarding against cross-site scripting and SQL injection attacks. Flaws in the business processes that underlie Web sites can also present serious security risks, the CTO of a Web security company said Thursday.
A Romanian hacker who has spent the past few weeks exposing a common, but dangerous, Web programming error on security vendors Web sites says he's found a SQL injection flaw on Symantec's Web site. But Symantec says it's not a security issue.
The website of BusinessWeek magazine has suffered a major SQL injection attack in recent days that left it hosting malware from hundreds of its pages, Sophos has reported.