A Symantec-run website was vulnerable to Blind SQL Injection problems that
reportedly exposes a wealth of potentially sensitive information.

Romanian hacker Unu used off-the-shelf tools (Pangolin and sqlmap) to steal a
glimpse at the database behind Symantec’s Japanese website. A peek at the
Symantec store revealed by the hack appears to show clear-text passwords
associated with customer records. Product keys held on a Symantec server in
Japan were also exposed by the hack.


Оставить мнение

Check Also

Сети для акулы. Разворачиваем Snort и пишем правила

Атакующие ломают даже самые защищенные системы, а администраторы месяцами не замечают злоу…