Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] Hacktivists Ghost Shell dump 1.6m log-in details on web




"the hacking group accessed some sites by attacking the databases many
companies use to catalogue and curate website content.

I suspect this might be a poor translation for "CMS" in hapless techno weenie speak. Rather than "attacking a service that catalogues and curates (other) websites content."
 
With cleverly crafted queries, attackers can make these databases cough
up data they should be concealing."

And this is clearly SQL injection.

cheers,
sach

Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links