Kaspersky Customer Database Exposed

← Back to Stories (view on slashdot.org)

Kaspersky Customer Database Exposed

Posted by timothy on Sunday February 8, 2009 @11:36AM from the which-is-not-a-new-mtv-show dept.

secmartin writes "A hacker has managed to gain access to several databases via a SQL injection vulnerability on Kaspersky's US website. He has posted several screenshots and a list of available tables; judging from the table names, the information available includes data on bugs and user- and reseller accounts. The hacker has indicated that no confidential information will be posted on the Internet, but since a large part of the URLs used was visible in screenshots, it will only be a matter of time before somebody else manages to duplicate this."

15 of 175 comments (clear)

Obligatory xkcd reference by Anonymous Coward · 2009-02-08 11:47 · Score: 0, Funny

Here's the reference, for those who still haven't seen it:
http://xkcd.com/327/
Re:Secure? Sure. by Anonymous Coward · 2009-02-08 11:50 · Score: 1, Funny

Who sed anything about Linux? I sed a *secure* OS. Oh and Im a level 120 yellow mold.
Re:Awesome by Anonymous Coward · 2009-02-08 12:03 · Score: 3, Funny

Fox news says you can hack a computer wirelessly. I believe a trusted news source way more than a nerd like you.
fuck! that will teach me to pay for software! by Anonymous Coward · 2009-02-08 12:05 · Score: 3, Funny

I've been "borrowing" our company's corporate AV sw that doesn't require registration and has perpetual license for the past 10 years... Then 6 months ago I decided to go legal and spent $70 for 3 user license. I paid with my credit card, registered with my email address and now this! Never again :)
Re:Secure? Sure. by Anonymous Coward · 2009-02-08 12:22 · Score: 1, Funny

If you want a virtually 100% secure OS, there is always OS X.
Re:Awesome by MrEricSir · 2009-02-08 12:26 · Score: 1, Funny

Trend Micro? Even Norton is better than Trend.

--
There's no -1 for "I don't get it."
Re:Secure? Sure. by Anonymous Coward · 2009-02-08 12:29 · Score: 2, Funny

That's because the gaping backdoors are in Apple users, not in Apple software.
Re:Secure? Sure. by Anonymous Coward · 2009-02-08 12:31 · Score: 2, Funny

I've never fucked a girl, but I hope to, someday. Somehow.
There, I fixed that for you.
Just got back from buying their retail product. by WiiVault · 2009-02-08 12:32 · Score: 4, Funny

Great timing eh?
Re:Awesome by Nethead · 2009-02-08 13:16 · Score: 5, Funny

AC: Fox news says you can hack a computer wirelessly. I believe a trusted news source way more than a nerd like you.
Isn't 'Fair and Balanced' a router setting?

--
-- I have a private email server in my basement.
Comment removed by account_deleted · 2009-02-08 13:47 · Score: 4, Funny

Comment removed based on user account deletion
Re:Awesome by kybred · 2009-02-08 13:51 · Score: 4, Funny

I'm all for more security though, most places don't error on the side of caution. Nuke plants tend to (and actually security it generally even 'tougher' at casinos)...
Of course it is! With nukes plants your merely talking about human lives. With casinos; well, there your talking about money.
Re:Awesome by Poltras · 2009-02-08 15:21 · Score: 5, Funny

Prepared statements are not exclusive to Java.
Shhh... He's a Java programmer, don't tell him there are other languages out there, he's gonna screw them up.

--
Of Code And Men
Re:Awesome by Anonymous Coward · 2009-02-08 15:56 · Score: 5, Funny

I work in a secure environment (along the line of a massive casino)
A bank, I presume?
Re:Awesome by Crayon+Kid · 2009-02-08 20:36 · Score: 2, Funny

Our filrewall looks at incomming connections and evaluates the strings against SQL injection tactics.
I'm hoping it wasn't you who wrote the filtering rules...

--
i ate crayons when i was a kid and now i have two braincells and the blue ones taste nicer