Comments on: Kaspersky database exposed

By: Gerard

Gerard — Thu, 02 Apr 2009 03:51:27 +0000

I’m already 8 minutes with a Kaspersky update download @ 99% and it has been growing from 10 Mb. to 22,3 Mb. I’m running a virus scan from my second system on my net work drives, because who knows??? Can’t be too paranoid.
Half an hour ago Kaspersky shut down spam checking and ran a Windows app “repairing” Kaspersky, rolling back on a number of files. After restart an alert popped up warning about my AV DB being out of date, hece the download.

Now it’s nagging about a restart.

I’m not going to do this until my Avast AV has finished. If I’m still alive tomorrow, I’ll let you know…

By: martin

martin — Thu, 12 Feb 2009 15:25:23 +0000

@hazed: Kaspersky has done the right thing and have provided a detailed response about what happened, see this page: http://securityandthe.net/2009/02/11/updates-about-kaspersky-sql-injection/

By: hazed

hazed — Thu, 12 Feb 2009 13:45:24 +0000

I love the fact that Kaspersky denies that they were compromised, when hackersblog clearly shows otherwise. Honesty is the best policy. Maybe Kaspersky should try it out some time.

By: Protect us from the Protectors: Kaspersky Customers Exposed | geekEleet

Protect us from the Protectors: Kaspersky Customers Exposed | geekEleet — Wed, 11 Feb 2009 12:21:44 +0000

[...] READ [...]

By: » Blog Archive » Kaspersky ha sido hackeada…

» Blog Archive » Kaspersky ha sido hackeada… — Wed, 11 Feb 2009 10:33:52 +0000

[...] Vía: Kaspersky database exposed (Security and the Net) [...]

By: OLAM S.R.L» Noticias » Hackean la base de datos de Kaspersky

OLAM S.R.L» Noticias » Hackean la base de datos de Kaspersky — Tue, 10 Feb 2009 21:24:07 +0000

[...] Kaspersky database exposed (Security and the [...]

By: best seo in wales

best seo in wales — Tue, 10 Feb 2009 21:23:14 +0000

“The vulnerability wasn’t critical and no data was compromised from the site.”
Doesn’t that first screenshot show root:localhost and the password hash? Seems pretty serious. Assuming this has been secretly known for a while couldn’t the hash have been broken?

If the guy can list the tables can’t he list a select all on the same tables and thus have all data from the compromised DB?

Whitewash? Or perhaps I misunderstood?

By: Otro grande de la seguridad hackeado « Churris por un tubo

Otro grande de la seguridad hackeado « Churris por un tubo — Tue, 10 Feb 2009 19:09:53 +0000

[...] Visto en securityandthe [...]

By: Site de support Kaspersky victime d’injection SQL | Kaspersky Lab : blog non-officiel

Tue, 10 Feb 2009 16:12:50 +0000

[...] avec un plaisir certain qu’un partenaire m’a fait parvenir le lien de cet article dans la journée de hier. A la première lecture, c’est la fin du monde : l’éditeur a [...]

By: Subserraneo » Blog Archive » Hackean la base de datos de Kaspersky

Subserraneo » Blog Archive » Hackean la base de datos de Kaspersky — Tue, 10 Feb 2009 11:29:54 +0000

[...] Kaspersky database exposed (Security and the [...]

By: Violati i database di Kaspersky e Bitdefender - Appunti Digitali

Violati i database di Kaspersky e Bitdefender - Appunti Digitali — Tue, 10 Feb 2009 10:01:11 +0000

[...] The Inquirer ed altre nel campo specifico della sicurezza (tra cui GovernmentSecurity e Security and The Net) hanno riportato la notizia secondo cui l’infrastruttura web di Kaspersky, database compreso, [...]

By: Interesting Information Security Bits for 02/09/2009 | Infosec Ramblings

Interesting Information Security Bits for 02/09/2009 | Infosec Ramblings — Mon, 09 Feb 2009 15:58:45 +0000

[...] you haven’t, Kaspersky had a little problem this weekend. They did get it corrected quickly. Kaspersky database exposed | Security and the Net Tags: ( vulnerability sql [...]

By: I’m still alive! « xorl %eax, %eax

I’m still alive! « xorl %eax, %eax — Mon, 09 Feb 2009 14:26:19 +0000

[...] here are some cool links to visit: – Kaspersky database exposed – CIA Agent Pleads Guilty to Defrauding Covert Credit Cards – Scientist Teleport Matter More Than [...]

By: Geeko! » Roban los datos de usuarios de Kaspersky

Geeko! » Roban los datos de usuarios de Kaspersky — Mon, 09 Feb 2009 10:26:48 +0000

[...] de activación y, “posiblemente datos personales”, según informa la web “Securityandthe.net“.Para demostrar que va en serio, el informático -que ya ha señalado que no hará público [...]