Blog Posts Tagged with "MySQL"
State Sponsored IE Vulnerability and a Four Line MySQL Exploit
June 21, 2012 Added by:Headlines
Of the two latest Microsoft IE vulnerabilities, the first seems the most interesting. Rumored to be “State-Sponsored”, the vulnerability focuses on Gmail, MS Office and Internet Explorer. And as yet is still an active Zero Day exploit. Security software company Rapid 7 explains the vulnerability as follows...
Comments (0)
Analysis of the April 2012 CPU for the Oracle Database
April 23, 2012 Added by:Alexander Rothacker
It’s mid-April, so it’s Oracle CPU fallout time again. This CPU contains 88 fixes. Thirty-three in this CPU are for vulnerabilities that are remotely exploitable without authentication. In other words, anybody on the network can exploit these vulnerabilities...
Comments (0)
Oracle Releases Critical Patch Updates for April 2012
April 18, 2012 Added by:Headlines
Oracle has released its Critical Patch Update for April 2012 to address 88 vulnerabilities across multiple products. US-CERT encourages users and administrators to review the April 2012 Critical Patch Update and apply any necessary updates to help mitigate the risks...
Comments (0)
How to Avoid Being Miscast in a SOPA Opera
January 20, 2012 Added by:Kevin McAleavey
LOIC was originally written in C#, but a later variant was created in Javascript which permits it to be deployed from any internet connected device. LOIC and its JS variant are simple toys, but in the hands of enough people they can create a formidable DDOS attack on a site...
Comments (2)
TeamSHATTER: Analysis of the January 2012 Oracle CPU
January 18, 2012 Added by:Alexander Rothacker
This time ere are only TWO fixes. This is the lowest number ever since the CPU program has started in 2005. Oracle, what happened? Did you throw in the towel on DBMS fixes? I know it’s not because the Database is finally fixed for good and is now suddenly secure...
Comments (0)
High Fashion, Low Security - Part Duex
August 25, 2011 Added by:David Martinez
I spy serious SQL issues… I had the hashes for the admins table, info from the customers table, as well as the full output of the transactions and users tables, which included MD5 hashes of CC numbers. The hashes were all 64-bits from a MySQL db, which means they were probably SHA256...
Comments (0)
High Fashion - Low Security
August 15, 2011 Added by:David Martinez
In the end, I had the hashes for the admins table, full customer info from the customers table, as well as the full output of the transactions and users tables, which included MD5 hashes of CC numbers. The hashes were all 64-bits from a MySQL db, which means they were probably SHA256...
Comments (0)
MySQL Website Hacked (Ironically) by Blind SQL Injection
March 28, 2011 Added by:Rafal Los
Allow me to point out a little bit of irony in this headline... a website for one of the more popular open-source database alternatives gets completely compromised using blind SQL Injection. Ouch. Someone going by the moniker "Jack Haxor" posted this to the Full Disclosure mailing list...
Comments (0)
Is Oracle Playing Nice With Java and MySQL?
March 09, 2011 Added by:Bill Gerneglia
Despite a series of snubs toward the Java community, Oracle continues to engage and just recently offered up a new Java Specification Request (JSR) 342, intended to convert Java Enterprise Edition (Java EE) 7 into a building block of cloud services...
Comments (0)
- Over-Sharing Riskier than Government Snooping
- 20 Critical Security Controls: Control 13 – Boundary Defense
- Redefining Social Networking
- Creating Your Own Privacy & ROI
- Security Intelligence for the Enterprise - Part 1
- Why are Cybercrimes NOT Always White-collar Crimes?
- From the SMB to Security Guru: Five Ways IT Pros Can Manage Security on a Budget
- Balancing Act Between Privacy and Security
- The NSA’s Word Games Explained: How the Government Deceived Congress in the Debate over Surveillance Powers
- NSA Surveillance Is Legal And Not Targeting Average Americans, Says Texas A&M Professor