daatdraqq Posted February 19, 2009 Report Posted February 19, 2009 Romanian Hacker Cracks Symantec, International Herald TribuneUnu claims SQL injection flaws in sites operated by Symantec, New York TimesFeb 19, 2009 | 05:28 PMBy Tim WilsonDarkReadingThe Romanian hacker who penetrated the Websites of three security vendors last week is now claiming two new victims: Symantec and The New York Times.The hacker, known only as "unu," posted a blog about an SQL injection vulnerability found on one of Symantec's Websites, the Document Download Center of the Norton Resource Center For Resellers. The flaw "permits access to their databases," unu says, although he did not say which databases or what data is contained in them.Ironically, the flaw was found on a login page that promotes the Norton line of security products, unu observes.In a response posted to unu's Website, Symantec concedes that the page is flawed by "inconsistent exception handling," but it rejects unu's assertion that the bug could lead to database access."Upon thorough investigation, we have determined that the blind SQL injection is, in fact, not effective," Symantec says. "The difference in response between valid and injected queries exists because of inconsistent exception handling routine for language options. Thanks again for notifying us of the issue. We will have the modified page up again soon with better exception handling."In a separate blog, unu also claims to have discovered an SQL injection vulnerability in the Website of the International Herald Tribune, the global edition of The New York Times."I discovered an unsecured parameter, which allows access to the database," unu says. "Besides the wealth of information in the database, we also found an interesting table containing login details of 161 affiliates, editors, reporters, and other associates of the famed newspaper."The International Herald Tribune says the vulnerability has been patched, but concedes that some login details were exposed.Unu says he's targeting other newspapers' Websites for further research. sursa : http://www.darkreading.com"unu" )))))) Quote
Nytro Posted February 19, 2009 Report Posted February 19, 2009 Pe unele site-uri ii zic "uno". Si nu doar Symantec, si Kaspersky... HackersBlog rullz. Quote
daatdraqq Posted February 19, 2009 Author Report Posted February 19, 2009 Suntem dati draqq domne' ce sa mai zicem ,bravo ...si la mai mare ! Quote
Trompitza Posted February 25, 2009 Report Posted February 25, 2009 Hackeri români, în aten?ia FBIÎn urm? cu câteva zile, un alt hacker a ajuns pe paginile ziarelor. De data aceasta, jurnali?tii americani au relatat despre cazul unui român care ar fi spart site-ul publica?iei "The New York Times". Hackerul, cunoscut sub numele de "unu", oferea pe un blog informa?ii despre bazele de date nesecurizate ale diferitelor companii, pe care acesta le-ar fi accesat ilegal. Românul preciza c? a reu?it s? modifice site-ul unei companii, Symantec, profitând de o vulnerabilitate, o reclam? inserat? pe pagina de logare. Pe pagina respectiv? erau prezentate diferite produse ale firmei, Norton AntiVirus 2009 ?i Norton Internet Security, destinate întocmai securiz?rii calculatorului. Printre companiile ale c?ror pagini virtuale au fost atacate de "unu" se mai afl? produc?torul rus de software Kaspersky ?i ziarul "International Herald Tribune".http://www.evz.ro/articole/detalii-articol/841278/Hacker-roman-angajat-de-procuratura-italiana/ Quote
Nytro Posted February 26, 2009 Report Posted February 26, 2009 Pentru mass-media: _|_, din cauza jurnalistilor neinformati se ajunge la concluzii idioate. "au fost atacate" - _|_ Cristina Botezatu si Ana Zid?rescu aka jurnalistii care au scris acest articol. Quote
nullbyte Posted February 26, 2009 Report Posted February 26, 2009 massmedia... lol.Din cauza ei satanismul, termenul 'hacker' ?.a. sunt în?elese gre?it. Quote
