The popular NextGEN Gallery WordPress plugin was recently patched to address a “severe” SQL injection vulnerability that put website databases at risk.
The biggest mistake companies make with data security is leaving all their secrets unprotected at one place, which if attacked, they are all gone in one shot.
An unnamed law enforcement agency has reportedly accessed billions of compromised usernames, email IDs, and their passwords, collected by LeakedSource, a popular breach notification service.
LeakedSource, launched in late 2015, that
The ransomware attacks on poorly secured MongoDB installations have doubled in just a day.
A hacker going by the handle Harak1r1 is accessing, copying and deleting unpatched or badly-configured MongoDB databases and then threatening administrators to ransom in exchange of the lost data.
It all started on Monday when security researcher Victor Gevers identified nearly 200 instances of a
A researcher has disclosed some details and a limited proof-of-concept for a critical MySQL vulnerability. The flaw has been patched in MariaDB and PerconaDB.
BREAKING: A misconfigured database has resulted in the exposure of around 191 Million voter records including voters’ full names, their home addresses, unique voter IDs, date of births and phone numbers.
The database was discovered on December 20th by Chris Vickery, a white hat hacker, who was able to access over 191 Million Americans’ personal identifying information (PII) that are just
Researchers from ERPScan said SAP’s HANA in-memory database contains a default static encryption key.
Researchers have identified a serious vulnerability in some versions of Oracle’s MySQL database product that allows an attacker to strip SSL/TLS connections of their security wrapping transparently. The vulnerability is the result of the way that an option in MySQL handles requests for secure connections. Researchers at Duo Security discovered the bug after noticing some […]
Popular NoSQL database MongoDB has released an update that patches a critical denial-of-service vulnerability.
Collaboration providers Slack disclosed that a database storing its user profile information has been breached. The break-in has been stopped, and Slack announced that it has implemented two-factor authentication going forward.
Oracle on Tuesday will release a huge number of security fixes as part of its quarterly critical patch update, and one of them is a patch for a vulnerability that a well-known security researcher said looks a lot like a back door but was likely just a terrible mistake. The flaw is found in Oracle’s […]