250 million customer records compromised by Microsoft. Mis-configured database.
February 1, 2020
September 9, 2020
Code injection found in our latest web vulnerability assessment
May 11, 2018
Our latest web vulnerability assessment was unique not only because we had the highest findings till date (30 issues) but more because we found a code injection. While MySQL injections allow you to inject SQL commands on your database and may cause sensitive data from the database to be leaked, the code injection allows you to inject a command at the programming code or server level which can be really dangerous.
When such high priority issues are found, we don't wait for the final report, and raise an emergency immediately. We help the developer close this issue soon, and help retest to finally close this issue even before the final report is out. This is an important process to ensure high level threats are closed immediately the moment they are found to prevent any potential misuse.