Over on the post “Hackers disclose SQL injection of Barracuda website > Data Security, Database Security, File/Disk Encryption, Mobile Encryption, Storage Security > Network Access > Access Control > News > SC Magazine Australia/NZ” contains this text:
“Chalk up Barracuda Networks as the latest information security firm to fall victim to a cyberattack.
Hackers, apparently from Malaysia, revealed Monday that they exploited an SQL injection vulnerability on Barracuda’s website to raid various databases and hijack the names and contact information of partners, customers and Barracuda employees.
In the post on HMSec Full Disclosure, the hackers published the details of some of the victims. They included partners such as Boston Computers and Peripherals, end-users such as Allied Fire & Safety and Barracuda employees who have access to the email and web security firm’s content management system.
Also posted were the passwords, which, according to security experts, appeared to be encrypted by the oft-criticized MD5 hash algorithm, for some of the Barracuda employees and partners. It is not clear if the passwords were ‘salted,’ which makes them more difficult to crack.
Barracuda joins RSA, Comodo and HBGary as the fourth high-profile security firm that hackers successfully infiltrated this year. The HBGary compromise also was the result of an SQL injection hole.”
