CVE-2010-0377

SQL injection vulnerability in modules/arcade/index.php in PHP MySpace Gold Edition 8.0 and 8.10 allows remote attackers to execute arbitrary SQL commands via the gid parameter in a playgame action. NOTE: some of these details are obtained from third party information...

EUVD-2010-0408

Malware in sbrugna...

EUVD-2010-0412

Malware in sbrugna...

EUVD-2007-6633

Malware in sbrugna...

CVE-2010-0381

SQL injection vulnerability in modules/arcade/index.php in PHP MySpace Gold Edition 8.0 and 8.10 allows remote attackers to execute arbitrary SQL commands via the gid parameter in a showstats action. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

Medium: libuv

Issue Overview: libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be exploited to...

Denial Of Service (DoS)

pidgin is vulnerable to denial of service. Multiple NULL pointer dereference flaws were found in the way Pidgin handled Base64 decoding. A remote attacker could use these flaws to crash Pidgin if the target Pidgin user was using the Yahoo! Messenger Protocol, MSN, MySpace, or Extensible Messaging...

Myspace Employees Used to Spy on Users

Robert Mueller will testify, malware wrecks IoT, and more of the week's top security news...

MySpace loses 12 years worth of photos, songs & video files

By Waqas MySpace says it happened during a server migration project. Last time the once prominent social network website MySpace made headlines in 2016 after it suffered a massive data breach in which personal data of 427 million users including emails and passwords was stolen and leaked online...

Real Identity of Hacker Who Sold LinkedIn, Dropbox Databases Revealed

The real identity of Tessa88—the notorious hacker tied to several high-profile cyber attacks including the LinkedIn, DropBox and MySpace mega breaches—has been revealed as Maksim Vladimirovich Donakov Максим Владимирович Донаков, a resident of Penza, Russian Federation. In early 2016, a hacker wi...

Real Identity of Hacker Who Sold LinkedIn, Dropbox Databases Revealed

The real identity of Tessa88—the notorious hacker tied to several high-profile cyber attacks including the LinkedIn, DropBox and MySpace mega breaches—has been revealed as Maksim Vladimirovich Donakov Максим Владимирович Донаков, a resident of Penza, Russian Federation. In early 2016, a hacker wi...

A week in security (April 16 – April 22)

Last week, we took a stroll down memory lane talking about Facebook and MySpace, noticed a change in the Magnitude exploit kit—wherein it started adopting the GandCrab ransomware, took a good look at a new form of adware that is based on Python, chatted a bit about Russian hacking with a...

Myspace vs. Facebook: the good old days?

Many people have fond memories of ye olde Myspace dotte comme, and those rose-splashed spectacles seem to have grown ever larger in light of the recent Facebook happenings. In recent days, I've seen many declaring their love for all things Tom, and how everything was just one huge barrel of laugh...

Canadian Police Charge Operator of Hacked Password Service Leakedsource.com

Canadian authorities have arrested and charged a 27-year-old Ontario man for allegedly selling billions of stolen passwords online through the now-defunct service Leakedsource.com. The now-defunct Leakedsource service. On Dec. 22, 2017, the Royal Canadian Mounted Police RCMP charged Jordan Evan...

Hacked Password Service Leakbase Goes Dark

Leakbase, a Web site that indexed and sold access to billions of usernames and passwords stolen in some of the world largest data breaches, has closed up shop. A source close to the matter says the service was taken down in a law enforcement sting that may be tied to the Dutch police raid of the...

Hacker Selling Over 1 Million Decrypted Gmail and Yahoo Passwords On Dark Web

Hardly a day goes without headlines about any significant data breach. In past year, billions of accounts from popular sites and services, including LinkedIn, Tumblr, MySpace, Last.FM, Yahoo!, VK.com were exposed on the Internet. Now, according to the recent news, login credentials and other...

DailyMotion Hack Leaks Emails, Passwords of 87M Users

DailyMotion, a popular video sharing website, said Tuesday it recently suffered an “external security problem” resulting in the compromise of an unspecified number of its users’ data. LeakedSource.com, a repository of breached data, added DailyMotion to its list of “Hacked Sites” on Monday. The...

Breaking — Russian Hacker Responsible for LinkedIn Data Breach Arrested by FBI

The alleged Russian hacker arrested by the FBI in collaboration with the Czech police is none other than the hacker who was allegedly responsible for massive 2012 data breach at LinkedIn, which affected nearly 117 Million user accounts. Yevgeniy N, 29-year-old Russian hacker was arrested in Pragu...

Yahoo Challenged on Claims Breach Was State-Sponsored Attack

As challenges mount against Yahoo’s attribution of a massive 2014 data breach to state-sponsored hackers, CISO Bob Lord yesterday confirmed that a cache of 200 million Yahoo accounts marketed this summer in an underground forum is unrelated to the breach. Speaking at the Structure Security...

Yahoo Investigates 200 Million Alleged Accounts For Sale On Dark Web

Yahoo says it is investigating reports of 200 million user credentials advertised for sale on the Dark Web by a hacker that goes by the handle “peaceofmind”. The Yahoo credentials, according to the site listing the database for sale, includes usernames, passwords hashed using the MD5 algorithm,...