Cenzic provides software and SaaS products for Website security

Hacking Database

Everything you wanted to know about hacking (but were afraid to ask)

If you want to learn more about website hacks, the latest hacking news, or descriptions of common terms in the industry, then this resources section is for you. Check out the following items:

| Date Hack Occurred | Type of Hack | Summary of Hack | Link(s) to Hack |
| --- | --- | --- | --- |
| June 2011 | Parameter Tampering | Citigroup hack exposed financial data of more than 360,000 customers. | http://www.wired.com/threatlevel/2011/06/citibank-hacked/ |
| Feb 2011 | SQL Injection | Online dating site eHarmony gets hacked right before Valentine’s Day. | http://www.theregister.co.uk/2011/02/11/eharmony_data_breach/ |
| Jan 2011 | Password Management | Online dating site Plenty of Fish gets hacked, and the CEO's comments make it worse. | http://business.financialpost.com/2011/01/31/canadian-dating-website-plenty-of-fish-hacked/ |
| July 2010 | Defacement via XSS | Defacement of BP website after oil spill. | http://praetorianprefect.com/archives/2010/06/going-after-bp/ |
| June 2010 | SQL Injection | Found by Google engineers, this SQL Injection was used on local restaurant websites in Texas. | http://threatpost.com/en_us/blogs/mass-sql-injection-attack-hits-sites-running-iis-061010 |
| June 2010 | Session Management | A session management security flaw in AT&T's network exposed the e-mail addresses of more than 100,000 owners of Apple's 3G iPad. | http://www.darkreading.com/database_security/security/app-security/showArticle.jhtml?articleID=225701411&cid=RSSfeed |
| June 2010 | XSS Vulnerability | Cross Site Scripting (XSS) vulnerability on Twitter exploited by Turkish hackers. | http://news.softpedia.com/news/Twitter-XSS-Vulnerability-Possibly-Exploited-by-Turkish-Hackers-145594.shtml |
| May 2010 | SQL Injection | SQL Injection exploited to gain information on 168,000 Netherlands travelers. The website, created to encourage the use of smart cards for public transportation, had a serious SQL injection flaw. | http://itknowledgeexchange.techtarget.com/security-bytes/sql-injection-attack-used-in-breach-of-168000-netherlands-travelers/ |
| April 2010 | Brute-Force Attack | Using brute-force attacks, Turkish hackers attacked more than 250 Armenian sites. | http://www.freehacking.net/2010/04/turkish-hackers-attacked-armenian.html |
| April 2010 | SQL Injection | Brokerage firm fined $375,000 over breach via SQL Injection. | http://www.scmagazineus.com/brokerage-firm-fined-375000-over-breach/article/167884/?DCMP=EMC-SCUS_Newswire |
| March 2010 | Password Management | Exploiting bad password management, hacker disables 100 cars remotely. | http://praetorianprefect.com/archives/2010/03/bad-password-management-will-stop-you-in-your-tracks/ |
| March 2010 | XSS | Paypal.com domain is susceptible to a non-persistent reflected cross site scripting attack (XSS). | http://praetorianprefect.com/archives/2010/03/xss-flaw-on-paypal-com/ |
| January 2010 | DNS cache poisoning | Baidu, China’s largest search engine, hacked by “Iranian Cyber Army”. | http://thenextweb.com/asia/2010/01/12/breaking-baidu-hacked-iranian/ |
| December 2009 | XSS, iFrame Injection | Pentagon Web Site Vulnerabilities Identified | http://praetorianprefect.com/archives/2009/12/pentagon-web-pwned/ |
| December 2009 | SQL Injection | Intel Breach Reveals Passport Information | http://praetorianprefect.com/archives/2009/12/intel-breach-reveals-passport-information/ |