The Latest in IT Security

Job seekers beware — hackers are exploiting SQL flaws to steal data on millions of victims

07
Feb
2024
Job seekers beware — hackers are exploiting SQL flaws to steal data on millions of victims

image credit: unsplash

Millions of people looking for a new job have had their personal data stolen and put for sale on dark web chat groups after several sites were breached.

Cybersecurity experts from Group-IB have released a new report outlining their research into a relatively new threat actor called ResumeLooters and how it was able to sell a huge database on the dark web.

ResumeLooters first emerged in November 2023, when it successfully compromised 65 job listing and retail sites using two techniques – SQL injection, and cross-site scripting (XSS). With the help of tools like SQLmap, Acunetix, X-Ray, or Metasploit, the attackers were able to scan the web for flaws, automate detection and exploitation of SQL injection flaws, develop and execute exploit code against targets, and more.

Read More

Comments are closed.

Categories

SATURDAY, DECEMBER 14, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments