|
|
 |
| New User, Welcome! Login |
Web Hacking Incidents update for Feb 10th
| From: |
Ofer Shezaf <ofer shezaf com> |
| To: |
Bugtraq <bugtraq securityfocus com> |
| Cc: |
|
| Subject: |
Web Hacking Incidents update for Feb 10th |
| Date: |
Tue - Feb 10, 2009 08:34 AM |
The Web Hacking Incidents Database (http://whid.webappsec.org), or WHID for
short, is a Web Application Security Consortium (http://www.webappsec.org)
project dedicated to maintaining a list of web applications related security
incidents. WHID goal is to serve as a tool for raising awareness of the web
application security problem and provide information for statistical
analysis of web applications security incidents.
The following incidents where added to WHID last week:
* WHID 2009-19: Kaspersky site breached using SQL injection, sensitive data
exposed (http://whid.webasppsec.com/whid/2009/19/kaspersky_site_breached)
* WHID 2009-18: phpBB web site hacked using LFI
(http://whid.webasppsec.com/whid/2009/18/phpbb_web_site_hacked_using_lfi)
* WHID 2009-17: Passwords are optional at SpeedDate
(http://whid.webasppsec.com/whid/2009/17/passwords_optional_at_speeddate)
* WHID 2009-16: Primary schools hit by smut hack
(http://whid.webasppsec.com/whid/2009/16/primary_schools_hit_by_smut_hack)
We also continue to follow older incidents and the following incidents where
significantly updated this week:
* WHID 2008-36: RBS WorldPay Data Breach Hits 1.5 Million
(http://whid.webasppsec.com/whid-2008-36) - scope of incident revealed.
* WHID 2008-01: Information stolen from geeks.com
(http://whid.webasppsec.com/whid-2008-01) - FTC settlement documents shed
light on the incident.
~ Ofer
Ofer Shezaf [shezaf@xiom.com, +972-54-4431119, www.xiom.com]
Founder, Xiom.com, Proactive Web Application Security, http://www.xiom.com
Chairman, OWASP Israel
Leader, WASC Web Hacking Incidents Database Project
|
|
|
Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!
