IHT Suffers SQL Injection; BitDefender Leaks Data Again
The International Herald Tribune's Web site exposed sensitive data, and they weren't alone. BitDefender suffered yet another SQL injection vulnerability too.
February 17, 2009
A week and a half ago a group of hackers discovered SQL injection vulnerabilities in Web sites operated by BitDefender and Kaspersky. The same group of hackers have since discovered more SQL injection problems.
The first BitDefender security lapse was on a partner site in Spain. That particular problem was fixed. Now another vulnerability has been discovered in BitDefender's primary site.
The new problem was discovered by the same group of hackers that discovered the first problem. Maybe it's time for BitDefender to have a security audit done by an independent third-party?
The security lapse at the International Herald Tribune - operated by the New York Times - exposed sensitive data such as user name and passwords as well as information about reporters and affiliates.
I checked the site's home page half way expecting to see a headline that read "We've Been Hacked!" but nope - it wasn't there.
About the Author
You May Also Like