Unu Cracks a Wall Street Journal Conference Site, Not WSJ.com

Friday, December 04, 2009

Daniel Kennedy


Unu, the security researcher from Bucharest Romania known for performing unsolicited penetration tests on brand name web sites with a concentration in SQL Injection is at it again, this time with a claim that he cracked WSJ Online. Per Unu: “Traffic Rank 88 in U.S., by Alexa ‘WSJ online coverage of breaking news and current headlines from the U.S. and around the world. Top stories, photos, videos, detailed analysis” …and a big SQL Injection’”. Unu did identify a Wall Street Journal branded web site that is vulnerable to SQL Injection attacks. But the site is not WSJ.com, is not on the same servers WSJ.com is on, is not a site hosted by Dow Jones-Teleratel but rather a conference site hosted by a WSJ vendor called MAP Digital, Inc.. The extent of the sensitive data breached appears from the screenshots to be the e-mail address and phone information for reporters associated with the 2009 CEO Council event that happened November 16th and 17th in Washington D.C..

More: Praetorian Prefect.com

Possibly Related Articles:
SQl Injection Hacks
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.

Most Liked