Yahoo Voices users: Change your Yahoo password immediately.

A hacker or hacking group that bills itself as “DD3Ds Company” Thursday leaked what it said were plaintext passwords for 453,492 Yahoo accounts, as well as over 2,700 database table or column names, and 298 MySQL variables. DD3Ds said it obtained the data by executing a SQL injection attack against an unnamed Yahoo subdomain, which security experts have identified as being Yahoo Voices.

“We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat,” read a note included in the password dump. “There have been many security holes exploited in webservers belonging to Yahoo! Inc. that have caused far greater damage than our disclosure. Please do not take them lightly. The subdomain and vulnerable parameters have not been posted to avoid further damage.”

More

Explore More

Critical SQL Injection in Myanmar Teleport – Myanmar Internet Service Provider (formerly known as BaganNet)

PlanetCreator has reported another critical SQL Injection (vulnerability) on Myanmar Teleport – Myanmar Internet Service Provider (formerly known as BaganNet) http://www.myantel.net.mm/ SQL injection is a code injection technique that exploits

Read More

Infection via HTML

Edit the code on what and how you need it, and yes this is detectable  in many cases, but you could insert a small FUD downloader to be  downloaded via

Read More

What are the components of a security evaluation?

Any security evaluation involves three components: * Preparation: In this phase, a formal contract is signed between an ethical hacker and the authority of the organization that contains a non-disclosure

Read More