HackDig : Dig high-quality web security articles for hacker

WordPress releases the version 4.8.3 to address a serious SQL Injection vulnerability

WordPress developers fixed a serious SQL injection vulnerability on Tuesday with the release of version 4.8.3. Apply it as soon as possible. WordPress developers fixed a serious SQL injection vulnerability that was reported by the researcher Anthony Ferrara, VP of engineering at Lingo Live. The issue was addressed on Tuesday with the release of version 4.8
Publish At:2017-11-01 19:50 | Read:1336 | Comments:0 | Tags:Breaking News Hacking SQL injection WordPress version 4.8.3

Leaking Cloud Databases and Servers Expose Over 1 Billion Records

As The Wall Street Journal recently pointed out, some clients of cloud service providers such as Amazon and Microsoft are accidentally leaving their cloud databases exposed due to misconfigurations of their services. Coupled with recent headline-making breaches, it’s becoming clear that the greatest risks to an organization might come down to a simple
Publish At:2017-09-21 19:15 | Read:2758 | Comments:0 | Tags:Advanced Threats Cloud Security Data Protection Software & A

SQL Injection flaw in WordPress Plugin WP Statistics potentially exposed 300,000+ Sites

Security experts at Sucuri have discovered a SQL Injection vulnerability in WP Statistics, one of the most popular WordPress plugins, that is currently installed on over 300,000 websites. The SQL Injection vulnerability in WP
Publish At:2017-07-01 17:40 | Read:1132 | Comments:0 | Tags:Breaking News Hacking SQL injection Wordpress Hacking WP Sta

Critical SQL Injection CVE-2017-8917 vulnerability patched in Joomla, update it now!

Joomla maintainers released a fix for a critical SQL injection flaw, tracked as CVE-2017-8917, that can be exploited by a remote attacker to hijack websites. On Wednesday Joomla maintainers released a fix for a critical SQL injection vulnerability, tracked as CVE-2017-8917, that can be easily exploited by a remote attacker to obtain sensitive data and hijack
Publish At:2017-05-18 16:45 | Read:1360 | Comments:0 | Tags:Breaking News Hacking CVE-2017-8917 Joomla SQL injection Vul

Over a million websites could be at risk from critical WordPress gallery plugin flaw

NextGEN Gallery is an extraordinarily popular plugin for self-hosted WordPress websites, having been downloaded over 16.5 million times. The software’s widespread popularity (it claims to have been “the industry’s standard WordPress gallery plugin” since 2007) makes it a seemingly obvious choice for website owners looking to add image
Publish At:2017-03-08 04:11 | Read:1135 | Comments:0 | Tags:Featured Articles IT Security and Data Protection SQL Inject

SQLi flaw in the NextGEN Gallery plugin puts more than 1 Million WordPress Installs at risk of hack

More than 1 million WordPress websites are at risk due to a critical SQL injection vulnerability in the NextGEN Gallery plugin. Update it ASAP. Security experts at the firm Sucuri have identified a SQL injection flaw in the WordPress image gallery NextGEN Gallery that could be exploited by a remote attacker to gain access to the targeted website’s backend, including sensi
Publish At:2017-03-01 19:40 | Read:1173 | Comments:0 | Tags:Breaking News Hacking CMS NextGEN Gallery plugin SQL injecti

Russian hacker Rasputin breaches over 60 Universities and Government Agencies

The Russian-speaking black hat hacker Rasputin hacked systems of more than 60 universities and U.S. government agencies. According to the threat intelligence firm Recorded Future, a Russian-speaking black hat hacker, known as ‘Rasputin’, hacked systems of more than 60 universities and U.S. government agencies. We met Rasputin in December 2016,
Publish At:2017-02-15 23:40 | Read:1613 | Comments:0 | Tags:APT Data Breach Hacking Pierluigi Paganini Rasputin secure c

More than 8,800 WordPress Plugins out of 44,705 are flawed

Security firm RIPS Technologies has analyzed 44,705 plugins in the official WordPress plugins directory and discovered that more than 8,800 of them are flawed. Experts from the security company RIPS Technologies have conducted an interesting analysis of WordPress plugins. The researchers have analyzed 44,705 of the roughly 48,000 plugins available in the official Wo
Publish At:2016-12-16 22:10 | Read:1837 | Comments:0 | Tags:Hacking Reports Security hacking XSS SQL injection Wordpress

Kapustkiy hacked the National Assembly of Ecuador website

Kapustkiy has breached the National Assembly of Ecuador and leaked the data via PasteBin. Once again he exploited a SQL injection. Here we go again with a Kapustkiy hack; this time the young hacker has breached the National Assembly of Ecuador and leaked the data via PasteBin. The hacker broke into the backend of the www.asambleanaciona
Publish At:2016-12-05 08:30 | Read:2401 | Comments:0 | Tags:Breaking News Data Breach Hacking data breach Kapustkiy Nati

Kemuri Water Company (KWC) | Hackers change chemical settings at water treatment plant

Hackers manipulated the programmable logic controllers that managed the amount of chemicals used to treat the water to make it safe to drink. NEW YORK — March 23, 2016 — Hackers breached a water company’s industrial control system and made changes to valve and flow control settings, Verizon revealed in its latest Data Breach Digest. The unnamed w
Publish At:2016-11-20 03:20 | Read:4952 | Comments:0 | Tags:Critical Infrastructures Cyber Security ICS SCADA Security U

Databases of Indian embassies leaked online. Too easy to hack them

The databases of the Indian Embassies in Switzerland, Mali, Romania, Italy, Malawi, and Libya were leaked online by two grey hat hackers. Today I was contacted by a security pentester who goes online with the moniker Kapustkiy, who revealed to me that he had breached the Indian Embassies in Switzerland, Mali, Romania, Italy, Malawi, and Libya. Kapustkiy and his frie
Publish At:2016-11-07 05:15 | Read:2016 | Comments:0 | Tags:Breaking News Cyber Crime Data Breach Hacking data breach In

VERT Vuln School – SQL Injection 103

Reminder: VERT Vuln School guides are published for educational purposes only. In our last post, we demonstrated how an attacker could leverage a classical SQL injection vulnerability in a web application to leak database information (by reflecting the result of the database queries onto the web application itself). In this post, we are going to show how an a
Publish At:2016-10-04 05:30 | Read:2337 | Comments:0 | Tags:Featured Articles IT Security and Data Protection attacker d

Sending Little Bobby Tables to Detention

Little Bobby Tables shows us why it’s a good idea to sanitize your database inputs to avoid SQL injection attacks: In case you’re not familiar with the concept of SQL injection attacks, here’s a quick summary: Poorly written software uses a combination of a SQL statement fragment like select salary from employees where i
Publish At:2016-09-13 14:35 | Read:1593 | Comments:0 | Tags:Uncategorized falco infosec SQL Injection Sysdig Falco

Navis WebAccess app used by US Ports is affected by a SQL injection flaw

The Navis WebAccess application used in the transportation sector worldwide is affected by a high severity SQL injection vulnerability. Software used in US ports is affected by a high severity SQL Injection vulnerability (CVE-2016-5817). The flaw was discovered by a hacker behind the online moniker “bRpsd”; the expert has discovered the vulnerability i
Publish At:2016-08-24 04:45 | Read:1573 | Comments:0 | Tags:Breaking News Hacking Security critical infrastructure ICS-C

European Union Websites plagued by SQL Injection Flaws

Experts have discovered several SQL injection vulnerabilities in the European Union Websites, the European Parliament and the European Commission sites. The security experts Vulnerability Lab CEO Benjamin Kunz Mejri and Marco Onorati have discovered a number of SQL injection vulnerabilities in the websites of the European Parliament and the European Commissio
Publish At:2016-06-10 13:15 | Read:1612 | Comments:0 | Tags:Breaking News Hacking Security European Union Websites Pierl
