Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 464
Alerts This Week
Warning Icon 1 464

NASA Incident Report: SQL Injection Attack on Multiple Websites

General Esm H446
Miscreants took advantage of weak security to hack into two NASA-run websites over the weekend. The websites of NASA's Instrument Systems and Technology unit and Software Engineering division were broken into and screenshots illustrating the hack posted online. Hackers appear to have taken advantage of SQL Injection flaws and poor access controls in mounting the attack, reports Gunter Ollmann, an ex-IBM security expert who is now VP of Research at security firm Damballa.

Obfuscated screenshots from the hack were subsequently posted onto a full disclosure mailing list (here).

The link for this article located at The Register is no longer available.