Tag: database | Page 13

Zero-day vulnerability found within MySQL database application – ZDNet

September 14, 2016/in Internet Security

Zero-day vulnerability found within MySQL database application
ZDNet
zero-day-flaw-mysql-zdnet.jpg Symantec. A researcher has disclosed a zero-day flaw in the widely-used MySQL database application after Oracle reportedly failed to patch the critical security hole. On Monday, independent security researcher Dawid …
MySQL zero-day exploit puts some servers at risk of hackingInfoWorld
A Critical MySQL Zero-Day Vulnerability UncoveredVirus Guides (blog)
MySQL Zero-Day Allows An Attacker To Take Full Control Of DatabaseTechworm
The Tech Portal –Softpedia News –Dawid Golunski –Hacker News
all 21 news articles »

“zero day” – read more

When the people selling you IT security solutions hack into their rival’s database…

July 24, 2016/in Computer Security

The Register reports:

Five men working at UK-based IT security reseller Quadsys confessed today to hacking into a rival’s database.

Owner Paul Streeter, managing director Paul Cox, director Alistair Barnard, account manager Steve Davies and security consultant Jon Townsend appeared before the beak at Oxford Crown Court.

“All pleaded guilty to obtaining unauthorised access to computer materials to facilitate the commission of an offence,” the court clerk told us.

This is punishable by a minimum of 12 months in prison or a fine on summary conviction, or up to five years or a fine on indictment.

We all know that there are bad guys hacking into firms.

We want to protect our firms from online criminals, so we bring in third-parties to help us do that, and purchase solutions and services.

It’s depressing to discover that some of those third party firms may have some rotten apples on their payroll, who don’t know the difference between right and wrong, and think nothing of exploiting their technical skills to break the law if it helps them gain a commercial advantage.

Let this be a warning to others. Just because you can do something doesn’t mean that you should.

Hacking into a rival’s database to steal customer and pricing information might give you a short term advantage, but you are putting your personal future, and that of your business, at permanent risk.

Graham Cluley

Database of 2.2m suspected terrorists, money launderers leaked online

July 2, 2016/in Internet Security

It was available to anybody who knew where to look, with no credentials needed to access it.
Naked Security – Sophos

154 million American voters’ records exposed thanks to unsecured database

June 23, 2016/in Computer Security

154 million U.S. voters’ records were exposed due to a misconfigured CouchDB instance, according to MacKeeper security researcher Chris Vickery. “It was configured for public access with no username, password, or other authentication required.”

Vickery determined the leaky database was on Google’s Cloud services and traced it back to a client of L2, a company which claims to be the country’s “most trusted source for enhanced voter” data.

The database included fields for addresses, age, congressional as well as state senate districts, education, estimated income, ethnic, name, gender, languages, marital status, phone, voting frequency, presence of children, and if the voter was a gun owner.

To read this article in full or to leave a comment, please click here

Network World Security

Tag Archive for: database