Unknown Hacker Grabs Gab’s Data, DDoSecrets Doesn’t Leak it

Gab has been hacked. The app fell “victim” to a simple SQL injection attack. But the CEO’s response was a trans-phobic slur.
The post Unknown Hacker Grabs Gab’s Data, DDoSecrets Doesn’t Leak it appeared first on Security Boulevard.
Continue reading Unknown Hacker Grabs Gab’s Data, DDoSecrets Doesn’t Leak it

Insider Threat: The Biggest Contributor to Cyber Attacks

In 2019, a renowned cloud hosting company fell victim to a data breach. The hacker accessed over 100 million accountsContinue reading
The post Insider Threat: The Biggest Contributor to Cyber Attacks appeared first on Kratikal Blog.
The post Insider Th… Continue reading Insider Threat: The Biggest Contributor to Cyber Attacks

SQL Injection loses #1 spot as most dangerous attack technique

The Common Weakness Enumeration (CWE), a community-developed compilation of the most critical errors leading to vulnerabilities in software, has lowered SQL Injection from its #1 spot as the most dangerous attack technique. SQL Injection, one of the ol… Continue reading SQL Injection loses #1 spot as most dangerous attack technique

vBulletin Releases Patch Update for New RCE and SQLi Vulnerabilities

After releasing a patch for a critical zero-day remote code execution vulnerability late last month, vBulletin has recently published a new security patch update that addresses 3 more high-severity vulnerabilities in its forum software.

If left unpatc… Continue reading vBulletin Releases Patch Update for New RCE and SQLi Vulnerabilities

Critical Flaws in ‘OXID eShop’ Software Expose eCommerce Sites to Hacking

If your e-commerce website runs on the OXID eShop platform, you need to update it immediately to prevent your site from becoming compromised.

Cybersecurity researchers have discovered a pair of critical vulnerabilities in OXID eShop e-commerce softwar… Continue reading Critical Flaws in ‘OXID eShop’ Software Expose eCommerce Sites to Hacking

Katyusha Scanner — Telegram-based Fully Automated SQL Injection Tool

A new powerful hacking tool recently introduced in an underground forum is making rounds these days, allowing anyone to rapidly conduct website scans for SQL injection flaws on a massive scale — all controlled from a smartphone using the Telegram messaging application.

Dubbed Katyusha Scanner, the fully automated powerful SQLi vulnerability scanner was first surfaced in April this year when a

Continue reading Katyusha Scanner — Telegram-based Fully Automated SQL Injection Tool

WordPress Plugin Used by 300,000+ Sites Found Vulnerable to SQL Injection Attack

A SQL Injection vulnerability has been discovered in one of the most popular Wordpress plugins, installed on over 300,000 websites, which could be exploited by hackers to steal databases and possibly hijack the affected sites remotely.

The flaw has be… Continue reading WordPress Plugin Used by 300,000+ Sites Found Vulnerable to SQL Injection Attack

Hacker Demonstrates How Easy In-flight Entertainment System Can Be Hacked

Next time when you hear an announcement in the flight, “Ladies and gentlemen, this is your captain speaking…,” the chances are that the announcement is coming from a hacker controlling your flight.

Dangerous vulnerabilities in an in-flight entertainment system used by the leading airlines, including Emirates, United, American Airlines, Virgin, and Qatar, could let hackers hijack several

Continue reading Hacker Demonstrates How Easy In-flight Entertainment System Can Be Hacked

Hacker Demonstrates How Easy In-flight Entertainment System Can Be Hacked

Next time when you hear an announcement in the flight, “Ladies and gentlemen, this is your captain speaking…,” the chances are that the announcement is coming from a hacker controlling your flight.

Dangerous vulnerabilities in an in-flight entertainment system used by the leading airlines, including Emirates, United, American Airlines, Virgin, and Qatar, could let hackers hijack several

Continue reading Hacker Demonstrates How Easy In-flight Entertainment System Can Be Hacked