Wednesday, February 11, 2009

Kaspersky DB Hit by SQL Injection Attack!

Kaspersky Database Hit by SQL Injection Attack (February 9, 2009) Kaspersky Lab has confirmed reports that an intruder was able to access a company database that holds customer information through an SQL injection attack. The information was exposed for a week and a half before the company became aware of the situation. A senior researcher at the company said that no customer data were accessed; the attack accessed only the database's table labels. Upon learning of the vulnerability, Kaspersky "immediately took action to roll back the [affected] subsection of the site to eliminate the risk." The company has hired an expert to investigate the breach
For more info:-

No comments: