[WASC-WHID] WHID 2011-68: Hack attack spills web security firm's (Barracuda) confidential data

WASC Web Hacking Incidents Database wasc-whid at lists.webappsec.org
Mon Apr 25 09:16:56 EDT 2011


*Entry Title: *WHID 2011-68: Hack attack spills web security firm's
(Barracuda) confidential data
*WHID ID: *2011-68
*Date Occurred: *April 11, 2011
*Attack Method: *SQL Injection
*Application Weakness: *Improper Input Handling
*Outcome: *Leakage of Information
*Attacked Entity Field: *Technology
*Attacked Entity Geography: *
*Incident Description: *Try this for irony: The website of web application
security provider Barracuda Networks has sustained an attack that appears to
have exposed sensitive data concerning the company's partners and employee
login credentials, according to an anonymous post.
Barracuda representatives didn't respond to emails seeking confirmation of
the post, which claims the data was exposed as the result of a SQL injection
attack.
*Mass Attack: *No
*Reference: *
http://www.theregister.co.uk/2011/04/11/barracuda_networks_attack/
*Attack Source Geography:*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/wasc-whid_lists.webappsec.org/attachments/20110425/1b4e4d67/attachment-0003.html>


More information about the wasc-whid mailing list