Dark Reading

Cybercrime's Love Affair With Havij Spells SQL Injection Trouble

Today's exponential increase in attack volume and complexity can largely be chalked up to the cybercriminal's creed of working smarter, not harder. It isn't so much l33t hackers toiling at code for ...
Dark Reading

'ResumeLooters' Attackers Steal Millions of Career Records

Attackers used SQL injection and cross-site scripting (XSS) to target at least 65 job-recruitment and retail websites with legitimate penetration-testing tools, stealing databases containing more than ...
Hackaday

This Week In Security: PostHog, Project Zero Refresh, And Thanks For All The Fish

There’s something immensely satisfying about taking a series of low impact CVEs, and stringing them together into a full exploit. That’s the story we have from [Mehmet Ince] of ...
Engadget

TalkTalk hack: what you need to know

Late last night, quad-play provider TalkTalk issued an urgent statement alerting customers that its website had been hacked. Following a "significant and sustained cyberattack," the company warned ...
Ars Technica

Anonymous speaks: the inside story of the HBGary hack

It has been an embarrassing week for security firm HBGary and its HBGary Federal offshoot. HBGary Federal CEO Aaron Barr thought he had unmasked the hacker hordes of Anonymous and was preparing to ...

"Karvi-geddon": Deficient security architecture at delivery service platform

A security analysis published on Github reveals serious deficiencies at Karvi Solutions. Tens of thousands of restaurant ...