![]() ![]() Not sanitizing input fields for APIs has been and will continue to be a problem for developers. This is a classic case of developer error - it is an easy mistake to make. Thomas Hatch, chief technology officer and co-founder at IT automation software firm SaltStack Inc., noted that “SQL injection is still a serious attack vector and one that I don’t see going away anytime soon. Given how many small law firms, financial and tax advisors entrust their data to these future victims, he added, there could be a spike in sophisticated, chained intrusions into large companies via law firms and other outside advisers. Thus, cybercriminals will likely initiate large-scale password reuse attacks and phishing campaigns targeting careless and inattentive software developers.” ![]() “Commonly, they have privileged, or even unlimited, access to the web applications and databases of their customers. “In light of disastrous breaches of this year, this would be a fairly banal incident, but the reportedly hacked resource is used by a huge number of webmasters and programmers,” Ilia Kolochenko, founder and chief executive officer of web security company ImmuniWeb, told SiliconANGLE. An SQL injection is a code injection technique in which an attacker inserts malicious code into an SQL backend database to allow manipulation of the database, including the theft of stored data. All users with the latter have had their passwords reset and affected users were sent an email encouraging them to change their password if it was used on another site.įreepik did not detail when the attack and theft of data took place, saying only that it involved an SQL injection in Flaticon that gave the attacker access to information from their database. Some 3.55 million of those passwords were encrypted with bcrypt, making them highly difficult but not impossible to crack, while 229,000 were salted MD5, an older encryption standard that can be easily decrypted. The data stolen included the email addresses of users along with 3.77 million hashed passwords. S.L., have been stolen through an SQL injection attack. You can search the icons by various parameters, easily change the color of monochrome icons, and refine the search by most popular or new uploads. Data relating to 8.3 million users of stock-image sites Freepik and Flaticon, both owned by Freepik Co. Flaticon API allows you to download icons in: SVG, EPS, PSD & PNG. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |