backtop


Print 25 comment(s) - last by teohhanhui.. on Feb 11 at 1:29 PM


SQL injection  (Source: HackersBlog)
Although there are a lot of high-profile hacker intrusions these days, it normally doesn't happen to security companies... but it recently did to Kaspersky

Security firm Kaspersky Security has been left embarrassed after a hacker informed them that a customer information database was left exposed for 11 days before the security firm was able to secure it.

"Honestly, this is not good for any company and especially not good for a company dealing with security," Kaspersky senior antivirus researcher Roel Schouwenberg said during a media phone conference.  "This should not have happened.  We are now doing everything within our power to do the forensics on the case, and to prevent this from happening again."

Although no customer information was reportedly accessed by the intruder, the millions of customers who have used Kaspersky may think twice before doing so again.  In total, 2,500 users' e-mail addresses and around 25,000 product activation codes were at risk over the 11-day period.

A posting on the Hackersblog.org web site includes screenshots of the hacker who used an SQL injection to access the company's database.  It looks like a part of Kaspersky's U.S. support site was breached using the SQL injection attack -- the site was created an unnamed third party and was not reviewed properly by the security company prior to being used on the site.

"Alter one of the parameters and you have access to EVERYTHING: users, activation codes, lists of bugs, admins, shop, etc.," the blog entry on Hackersblog.org indicates.

The U.S. support site officially went live on January 28 and was first marketed to the public on January 29, according to Kaspersky.  It doesn't look like the site was infiltrated by any other hackers since the site has been published.

Kaspersky has called upon Next Generation Security Software's David Litchfield, a security expert specializing in SQL injection attacks, to conduct an independent audit and security risk analysis of the company's web site.  Once finished, the report will be published on Kaspersky's web site for all visitors to see.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Irony
By dj LiTh on 2/10/2009 9:24:48 AM , Rating: 5
Um personally, having fixed countless computers infected with virus's with Norton installed and running, i'd say the reason why people hate norton is because it doesnt work, and when it does it cripples your computer to the point that you might as well of had an antivirus on your computer.


RE: Irony
By chick0n on 2/10/09, Rating: -1
RE: Irony
By Dreifort on 2/10/2009 10:40:17 AM , Rating: 2
I don't know of any AV program that gives 100% protection. That's why I personally use several different programs at once. Something about eggs in one basket...

Relying on one program/company to protect you from Viruses, Root kits, Spyware, etc...doesn't make sense. I like Trend personally, but I can't expect them to run my firewall, monitor 24/7 for viruses and prevent spyware. I don't know of a program that can efficiently do all 3. But I know several programs that can do each proficiently.


RE: Irony
By excrucio on 2/10/2009 12:08:55 PM , Rating: 1
You're partially correct.

Norton 2008 and prior completely cripples the computer. Any Norton Internet Security is crap and 360 is even worse.

As far as Norton 2009 Antivirus with Anti-Spyware is probably their best version to date.

Norton Corporate version is even better.
yes you heard me. Norton Corporate is so light, and very reliable.

Kaspersky is a OK program, i used to think they were good until i really started to experience the program.

Here's something to think about though.

The avarage computer user tends to think that by having a antivirus product, they will be automatically immune to infections. No, this is not true. Some antivirus wil do the favor of doing LIVE monitoring, such as Avira and AVG, but some won't such as Norton.

Bottom line is: People you have to press the SCAN button to catch the infection most of the time! You HAVE to scan a file that you've downloaded and is unsure of.


Don't rate me down. I've been doing work for the public here in NJ and I am safe to say the store I work for does a great job. I am good at what I do. Take my tip and stick with norton simplest products they are pioneers.

AVG-free is another great option go for it.

Want more?

www.youtube.com/rkasnake I will soon be talking about computers for those who need help deciding which products or what to do with things involving PC.

Cheers!


RE: Irony
By threepac3 on 2/10/2009 1:16:54 PM , Rating: 1
Norton Internet Security 2009 is just as fast. It includes Norton Ativir 2009 and Norton firewall. It runs clean and fast, as fast as Avast! which is what I used to use. You can use this product on 3 machines out of the box, which is awesome.

Norton still has work to do in there PR department. Most techs still thinks Norton is a resource hog that cripples machines by the dozen.


RE: Irony
By teohhanhui on 2/11/2009 1:29:08 PM , Rating: 2
With Norton off the list now AVG is easily one of the worst anti-virus programs you could be using. If you want it free, Avira AntiVir or avast! would be much better.


"Spreading the rumors, it's very easy because the people who write about Apple want that story, and you can claim its credible because you spoke to someone at Apple." -- Investment guru Jim Cramer











botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki