International Telecommunication Union   ITU
 
 
Site Map Contact us Print Version
 Tuesday, February 17, 2009
Romanian Hacker Breaches Third Security Vendor Site

The hacker who broke through the Website defenses of two prominent security vendors has claimed a third victim.

According to a posting on hackersblog.com, the Romanian attacker who launched SQL injection attacks on Kaspersky and BitDefender has now successfully penetrated the Web defenses of F-Secure, as well.

"[The F-Secure site is] vulnerable to SQL injection plus cross site scripting," the posting says. "Fortunately, F-Secure doesn't leak sensitive data, just some statistics regarding past virus activity."

An F-Secure spokesman told news reporters the breach occurred on a low-level server that doesn't contain sensitive data, only marketing statistics. "It is slightly embarrassing as a security company that we have had the breach," said F-Secure's David Frazer, in a news report. "We certainly, as a security company, want to ensure that all of our servers are patched to the levels that they should be."

On Monday Kaspersky conceded that a Romanian hacker had launched a SQL injection attack on its newly implemented U.S. customer support site, exposing a potentially data-threatening vulnerability in its Website. The attacker did not publish any sensitive data, even though he could have gained access to it, Kaspersky said.

Read More

Cybersecurity Spam and Cybercrime
Tuesday, February 17, 2009 2:29:42 PM (Romance Standard Time, UTC+01:00)  #     |  Related posts:
ITU to play leading role in UN global cybersecurity debate
ITU’s relationship with IMPACT continues to gain momentum
In line with ITU's long tradition of public-private partnership ITU has signed an MoU with Symantec
UN agencies team up to make the online world safer: MoU signed between ITU and UNODC at WSIS Forum 2011
Microsoft Calls for Safer and Healthier Internet
International Card Fraud Gang Dismantled in Romania