Katyusha Scanner — Telegram-based Fully Automated SQL Injection Tool

A powerful new hacking tool recently introduced in an underground forum is making the rounds these days, allowing anyone to rapidly conduct website scans for SQL injection flaws on a massive scale — all controlled from a smartphone using the Telegram messaging application.

Dubbed Katyusha Scanner, the fully automated powerful SQLi vulnerability scanner first surfaced in April this year when a

Reliance Jio Customers’ Data Allegedly Hacked – Company Denies Breach

Personal details of some 120 million customers have allegedly been exposed on the Internet in what is probably the biggest breach of personal data ever in India.

Last night, an independent website named Magicapk.com went online, offering Reliance Jio customer…

mongoaudit – MongoDB Auditing & Pen-testing Tool

mongoaudit is a CLI tool for MongoDB auditing of servers, detecting poor security settings and performing automated penetration testing. It is widely known that there are quite a few holes in MongoDB’s default configuration settings. This fact, combined with abundant lazy system administrators and developers, has led to what the press has called…

Read the full post at darknet.org.uk

Another MongoDB Hack Leaks Two Million Recordings Of Kids

No surprises here, but there’s been another big MongoDB hack and from the looks of it, it’s been owned for quite some time. This time 2 million records from over 820,000 accounts have been leaked due to yet another default MongoDB installation with no authentication listening on the public IP address. The terrible part is, […]

Read the full post at darknet.org.uk

New Windows Trojan Spreads MIRAI Malware To Hack More IoT Devices

MIRAI is possibly the biggest IoT-based malware threat to emerge last year. It caused a vast internet outage in October last year by launching massive distributed denial-of-service (DDoS) attacks against the popular DNS provider Dyn.

Now, the infamous malware has updated itself to boost its distribution efforts.

Researchers from Russian cyber-security firm Dr.Web have now uncovered a

MongoDB Ransack – Over 33,000 Databases Hacked

Ah, our favourite database is in the news again. In what is being hailed as the MongoDB Ransack, a whole bunch of people have turned the insecure MongoDB default configuration into a ransom opportunity. They are deleting/stealing databases and soliciting bitcoin payments to return the data. With multiple actors doing the same stuff though it’s hard to know who…

Read the full post at darknet.org.uk

Someone Hijacking Unsecured MongoDB Databases for Ransom

Nearly two years back, we warned users about publicly accessible MongoDB instances – almost 600 Terabytes (TB) – over the Internet which require no authentication, potentially leaving websites and servers at risk of hacking.

These MongoDB instances weren’t exposed due to any flaw in its software, but due to a misconfiguration (bad security practice) that let any remote attacker access MongoDB

DBShield – Go Based Database Firewall

DBShield is a Database Firewall written in Go that has protection for MySQL/MariaDB, Oracle and PostgreSQL databases. It works in a proxy fashion inspecting traffic and dropping abnormal queries after a learning period to populate the internal database…

HexorBase – Administer & Audit Multiple Database Servers

HexorBase is a database application designed to administer and to audit multiple database servers simultaneously from a centralised location. It is capable of performing SQL queries and brute-force attacks against common database servers (MySQL, SQLite…