Our Joomla Security Scanner tool has been extended with the Joomscan security testing tool. Joomscan is a tool that tests a Joomla installation for known vulnerable plugins and core security configuration mistakes. Detection of these vulnerabilities will allow a web site owner to get the plugins update or fixed before they get attacked. Joomla is [...]
Archive | Security Breaches RSS feed for this section
Security Scan Restrictions and Updates
After performing over a quarter of a million free security scans, HackerTarget.com has decided to remove access to some of the free security scanning options. This will be a disappointment for some users but in the long run it will mean added functionality and improvements to our overall service. The primary reason for the change [...]
SQL Injection Recap
During the Christmas break the Internet Storm Center had good coverage on the latest MSSQL based sql injection worm that appears to have infected over 1 million Microsoft based web pages. Recall back in November last year when we published a history of sql injection attacks, and followed that up with a sql injection tutorial. [...]
Data Breaches Visualized
Nathan from Flowing data has put together an excellent graphical representation of the largest data breaches of all time. Data was sourced from Dataloss DB. Sony has been having all sorts of data breach problems lately — namely a million passwords from the Sony Pictures site, 77 million accounts from the PlayStation Network, and nearly [...]
TechCrunch Europe hacked
Drive by downloads, adobe exploits and a zeus variant trojan that is only detected by 2 of 43 Anti-virus products. This is a good example of current threats that website operators as well as end users should all be aware of, a high profile site gets hacked and poses a signifcant threat to the end [...]
Iran’s Cyber Army Hacks 1,000 US, British, French Gov’t Websites
While political hacking has been around for years, this is a good reminder that credit cards and identity theft are not the only targets when it comes to securing systems. Anyone is a potential target, and organisations who have parties that are opposed to their agenda will be targeted. Whether they are non-governmental entities or [...]
Hacked US Treasury websites serve visitors malware
Oops, lets hope the money is safe. You would think of all the US Government departments and targets this one would be well protected. [QUOTE]Websites operated by the US Treasury Department are redirecting visitors to websites that attempt to install malware on their PCs, a security researcher warned on Monday. The infection buries an invisible [...]
When Neo Hacked the Latvian SRS Database
Movie plots cross into real life in Latvia where a significant security breach has occurred in the hacking of the Latvian SRS Databse. A group of hackers has stirred the nation after hacking into the countries taxation web site and revealing details of the powerful political elites wages and bonuses. One of the hackers used [...]
BackTrack 4 Release
In case you missed it the worlds leading penetration testing Linux Distribution BackTrack has hit version 4.0. A new web site, great video tutorials for those wanting to learn and a complete guide to Metasploit are just a few of the new bits for you to check out. Based on Ubuntu and well tested this [...]
SQL Injection Demystified
Darkreading has a great article up on SQL Injection. This form of attack has been around for a long time, and happens because of poor dynamic website coding practices. A simple SQL injection vulnerability can often be exploited to gain full access to the database and / or full control of the database server. Now [...]
