SQL injection

Pierluigi Paganini November 03, 2013
SQL Injection, XSS and URL Redirect found in popular websites

Security Researcher Mohamed Osman Saeed has identified numerous vulnerabilities and reported them all, they include SQL Injection, XSS and URL Redirect. Security Researcher Mohamed Osman Saeed has identified numerous vulnerabilities and reported them all following an ethical conduct. The flaw interested principal security firms and private companies, following the complete list: Invalidated URL Redirect in […]

Pierluigi Paganini October 27, 2013
Subcontractors are for hackers the weakest link in security chain

Hackers use to target subcontractors to hit big enterprises due the poor level of security they offer, in the energy sector this trend is very concerning. Let’s follow the discussion on the hacking world and the way hackers impact business with their activities. We discussed about the role of hackers for companies and their employment […]

Pierluigi Paganini September 17, 2013
Hacking – Give me 10 minutes to hack the Nasdaq

It is very easy to hack the Nasdaq according the security expert Kolochenko that reported numerous vulnerabilities in the official website of the exchange. Just 10 minutes could be sufficient for an attacker to hack the Nasdaq Stock Market, this is the alert provided by Ilia Kolochenko, head of Swiss information security company High-Tech Bridge.  The security expert […]

Pierluigi Paganini July 24, 2013
Web Application Vulnerabilities 2013 – Context Information Security

Context Information Security  issued the report “Web Application Vulnerability Statistics 2013” that provides statistic on Web Application Vulnerabilities based on data gathered from a range of IT security activities and consultancy engagements during last three years. The number of data breaches is increasing in concerning way also thanks to numerous cyber attacks that exploited Web Application Vulnerabilities in many web […]

Pierluigi Paganini July 07, 2013
Avira.com SQL Injection and Security Filter Bypassing

Cyber Security Analyst Ebrahim Hegazy has found an Avira.com SQL Injection vulnerability, Avira.com is the famous Avira Antivirus vendor’s web site. Ebrahim Hegazy(@Zigoo0) Cyber Security Analyst Consultant @ Q-CERT who found a SQL Injection in Yahoo! about two months ago, has found a new SQL Injection vulnerability in Avira.com the famous Avira Antivirus vendor. The […]

Pierluigi Paganini July 02, 2013
ICS-CERT Surge In attacks against Energy Industry

The ICS-CERT issued a new Monitor report that revealed a surge of brute force attacks against control systems mainly belonging to the energy sector. The ICS-CERT issued a new Monitor report that revealed an intensification for brute force attacks against control systems mainly belonging to the energy sector. The ICS-CERT received notification for more than 200 […]

Pierluigi Paganini April 28, 2013
LivingSocial data breach exposed 50M customer records

LivingSocial data breach exposed 50 million customer records, the news is shocking and is circulating on the Internet since last Friday. On The internet is circulating the news of the LivingSocial data breach, an incident that menace the privacy of million of users and that rekindling the debate on the level of security provided by major service companies […]

Pierluigi Paganini April 26, 2013
Yahoo! Blind SQL Injection could lead to data leakage

Yahoo! Blind SQL Injection could allow attackers can inject own SQL commands A Yahoo! Blind SQL Injection has been discovered by an Egyptian information security advisor … What could be the problems arising? Data leakages are the nightmares of every administration of databases, a growing number of services are exposed on the Internet with related data, Billion of customers’ record […]

Pierluigi Paganini October 07, 2012
Team GhostShell hacktivists against temples of knowledge

In this days the hacking group Team GhostShell claimed credit for the hack of  servers of the 100 principal universities from around the world, including Stanford, Princeton Harvard, the University of Michigan and also the Italian University of Rome. The hackers named the campaign #ProjectWestWind. The group accessed to the databases of universities stealing hundred of […]

Pierluigi Paganini July 13, 2012
All the truth about Yahoo Contributor Network data breach

It’s hacking time! Within a few days we saw two attacks that had disastrous consequences, the victims are prominent Formspring portal and the Yahoo Voices service. The Yahoo branch hacked is Yahoo Contributor Network a sort  of content farm that paid users to publish their submissions. The Yahoo service allow users to post articles and media such […]