wasc-whid@lists.webappsec.org

WASC Web Hacking Incidents Database

View all threads

WHID 2011-68: Hack attack spills web security firm's (Barracuda) confidential data

WW
WASC Web Hacking Incidents Database
Mon, Apr 25, 2011 1:16 PM

*Entry Title: *WHID 2011-68: Hack attack spills web security firm's
(Barracuda) confidential data
*WHID ID: *2011-68
*Date Occurred: *April 11, 2011
*Attack Method: *SQL Injection
*Application Weakness: *Improper Input Handling
*Outcome: *Leakage of Information
*Attacked Entity Field: *Technology
*Attacked Entity Geography: *
*Incident Description: *Try this for irony: The website of web application
security provider Barracuda Networks has sustained an attack that appears to
have exposed sensitive data concerning the company's partners and employee
login credentials, according to an anonymous post.
Barracuda representatives didn't respond to emails seeking confirmation of
the post, which claims the data was exposed as the result of a SQL injection
attack.
*Mass Attack: *No
*Reference: *
http://www.theregister.co.uk/2011/04/11/barracuda_networks_attack/
Attack Source Geography:

*Entry Title: *WHID 2011-68: Hack attack spills web security firm's (Barracuda) confidential data *WHID ID: *2011-68 *Date Occurred: *April 11, 2011 *Attack Method: *SQL Injection *Application Weakness: *Improper Input Handling *Outcome: *Leakage of Information *Attacked Entity Field: *Technology *Attacked Entity Geography: * *Incident Description: *Try this for irony: The website of web application security provider Barracuda Networks has sustained an attack that appears to have exposed sensitive data concerning the company's partners and employee login credentials, according to an anonymous post. Barracuda representatives didn't respond to emails seeking confirmation of the post, which claims the data was exposed as the result of a SQL injection attack. *Mass Attack: *No *Reference: * http://www.theregister.co.uk/2011/04/11/barracuda_networks_attack/ *Attack Source Geography:*