Via DarkReading -
The hacker who broke through the Website defenses of two prominent security vendors earlier this week has claimed a third victim.
According to a posting on hackersblog.com, the Romanian attacker who launched SQL injection attacks on Kaspersky and BitDefender has now successfully penetrated the Web defenses of F-Secure, as well.
"[The F-Secure site is] vulnerable to SQL injection plus cross site scripting," the posting says. "Fortunately, F-Secure doesn't leak sensitive data, just some statistics regarding past virus activity."
An F-Secure spokesman told news reporters the breach occurred on a low-level server that doesn't contain sensitive data, only marketing statistics. "It is slightly embarrassing as a security company that we have had the breach," said F-Secure's David Frazer, in a news report. "We certainly, as a security company, want to ensure that all of our servers are patched to the levels that they should be."
No comments:
Post a Comment