Home

Insufficient Encryption

WHID 2008-60: Miley Cyrus Pictures Leaked Due to a Web Hack (Updated)

Updated: 
19 April 2009

Update (April 19th 2009) - E!News provides additional interesting details about Josh Holly, the hacker who carried out the attack providing an interesting insight into the celebs hacking phenomena.

Read more...

Celebs are fast becoming a prime hacking target. Miley Cyrus already made her debut at WHID when her Twitter account was raided. But it seems that this was not her first cyber incident for her. As reported by Wired, late last year a hacker named Josh Holly published private photos of Ms. Cyrus stolen from her G-mail account.

WHID 2009-18: phpBB web site hacked using LFI

Tagged:  
Updated: 
5 February 2009

phpBB was known for years as one of the most insecure software packages out there. It is responsible for one for one of the 1st application layer worm, Santy back in 2004. How ironic is that its own web site was seriously breached due to a vulnerability in another software package used...

Read more...

 

WHID 2008-49: ValueClick weak decryption and vulnerability to SQL injection

Updated: 
13 January 2009

As a side story to ValueClick indictment of deceptive marketing by the FTC, the FTC investigation also found SQL injection vulnerabilities and lack of sufficient encryption of sensitive customer information. These findings contributed to the $2.9 million fine the FTC levied on ValueClick as well as to the company being dumped from managing eBay's affiliate program.

Syndicate content