Thursday, November 5, 15:15
Home security Powerful Greek Army: SQL injection on UNHCR's website

Powerful Greek Army: SQL injection on UNHCR's website

As can be seen, India's government websites are among the favorite targets of the Powerful Greek Army, since this time managed to break high-profile sites in the country and gained the passwords of hundreds of users.

Kapustkiy, who describes himself as a security pentester and is a member of the Powerful Greek Army, reports that he gained access to the database of two different UNHCR websites using SQL injection. Eventually he managed to obtain credentials from almost 200 accounts.Powerful Greek Army

The High Commission of Ghana, the High Commission of the United States and the corresponding India website had been broken a few hours ago by Kapustkiy, who decided to leak some of the database to persuade Indian administrators to repair the vulnerabilities .

Kapustkiy says she decided to break the page in India when its administrators were unable to boost security and repair the vulnerabilities they had identified earlier and helped him gain access to credentials of hundreds of users.

"I talked to Yatin Patel (he runs all these sites) and he promised me a while ago that he would take a look," the hacker said.

"I did not send the e-mail because they claimed that they had fixed everything that was not true."

Later, the authorities of India publicly acknowledged the vulnerabilities discovered by Kapustkiy and issued a thankful announcement on the security pentester to show their appreciation that helped them deal with weaknesses that could expose the users of the site.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

SecNews
SecNewshttps://www.secnews.gr
In a world without fences and walls, who needs Gates and Windows

LIVE NEWS

How to disable Pop-up Blocker in Chrome

The appearance of pop-ups while browsing the web can be annoying, but sometimes you want to see pop-ups ....

Russian hacker arrested by Russian authorities for targeting locals

Russian authorities arrested a malware creator in late September, causing surprise as Russia is a country that is usually lenient ...

How to block websites in Chrome (Desktop and Mobile)

Suppose you want to block specific websites, such as Facebook or Pinterest, on the computer you are working on to ensure that ...

Cisco: Zero-day vulnerability in Cisco AnyConnect Secure Mobility Client

Cisco today unveiled a zero-day vulnerability in Cisco AnyConnect Secure Mobility Client software with proof-of-concept exploit code being ...

Which ransomware gangs do not delete stolen data after ransom payment?

Ransomware gangs are less and less keeping their promise to the victims that they will delete the stolen data after the payment ...

Android Updates November: Google fixes 30 vulnerabilities

Google this week released its monthly security updates for the Android operating system, which fix a total of 30 vulnerabilities.

US: Seized 27 domains that spread propaganda in favor of Iran!

The United States announced yesterday that it had seized 27 domains used by the Army of the Islamic Revolutionary Guard Corps (IRGC) for ...

Japanese game developer Capcom has been hit by hackers

The Japanese toy development company Capcom revealed that it suffered a cyber attack at the weekend which affected its business activities, including ...

Privilege escalation by exploiting Microsoft Store games

An IOActive security researcher has identified a vulnerability in Windows that allows Privilege Escalation. That is, the attacker can gain more privileges ...

Qbot botnet: Sends phishing emails about US elections!

Qbot botnet sends phishing emails about the US elections in order to infect the victims with malicious payloads that ...