Hackers hit third security firm
By Stuart Turton
Posted on 13 Feb 2009 at 09:31
F-Secure has confirmed that it's been hit by the same hackers that went after Kaspersky last week.
The hacking group, believed to be Romanian, appears bent on embarrassing the world's leading antivirus companies, and has now added F-Secure's scalp to those of Kaspersky and BitDefender.
F-Secure is "vulnerable to SQL Injection plus Cross Site Scripting," says an entry on the HackersBlog site. "Fortunately, F-Secure doesn't leak sensitive data, just some statistics regarding past virus activity."
As with Kaspersky, F-Secure owned up to the attack, with a spokesperson admitting it was "slightly embarrassing for a security company to be breached this way."
However, F-Secure stressed no personal information had been exposed and the affected server has been pulled down while the exploit is patched.
"Although the attackers were able to read information from the database they couldn't write or manipulate it," the company says on its blog.
"And they couldn't access any other data on that server because the SQL user only had access to its own database, which only contains public information that is shown on our statistics pages. So while the attack is something we must learn from and points at things we need to improve, it's not the end of the world."
From around the web
advertisement
- How to install Internet Explorer 9
- Maintaining and supporting IE9
- Plan your deployment
- Creating a custom browser package
- Search in corporate environments
- Why I'm deleting Adobe from my PC
- Prepare to be patronised: it's Safer Internet Day
- Dear Sony, Samsung and every other tech company in the world: stop trying to be Apple
- Will Apple's Final Cut Pro X update placate the pros?
- Smartr Contacts for iPhone review
- Switching to Office 365's Outlook Web App
- Amazon Kindle Fire review: first look
- Lytro light-field camera: first look
- CES: Why booth babes are bad marketing
- Ice Cream Sandwich on the Transformer Prime review: first look
- Paying for your crimes with Bitcoin
- Pavement hacking: What it is and how to avoid it
- Google's risky pre-loaded pages
- Mac under attack: how secure is Apple's OS?
- Has your browser been hijacked?
- Can you send a truly anonymous email?
- Is it safe to send bank details over email?
- Sainsbury's Bank bans password storage
- MobileMe triggers credit card blocks
- How to stay safe against session hijacking
advertisement
