Kaspersky site hack expands to BitDefender and F-Secure

17 February 2009

Romanian hackers are reported to be targeting the web sites of several IT security vendors.

Following a successful SQL Injection attack on the Kaspersky Labs web site earlier this month, the hackers are claiming similar attacks on the web sites of BitDefender and F-Secure.

According to postings on the Hackersblog.org web site, the attacks form part of a concerted campaign by a group of hackers led by 'Unu', who is intent on highlighting the fact that IT security vendors are not practising what they preach.

All three companies are reported to be boosting their website defences in the wake of the attacks, but the good news is that no data appears to have been stolen, Infosecurity notes.

In his/her posting on Hackersblog, Unu says that s/he is not disclosing the full methodology behind the attack on the BitDefender site, as it is only a warning message to the company.

Unu claims that the news section of the BitDefender web site "is acting weird when tested with the 'trivial' SQLi test."

S/he also claims that the site is powered by an Apache 2.0.52 webserver, with PHP 4.3.9, running on a Linux Red Hat Enterprise 4 server, with a database backend of PostgreSQL.

Kaspersky and F-Secure, s/he says, "have been pretty open about the incidents that affected them, and appear to have learned something from them."

Infosecurity notes that Kaspersky Labs has hired a database security expert to review all its websites.
