darjr
I crit!
In dealing with this security breach, we learned that the hack was instigated by a “white-hat” hacker who had not followed proper protocols.
Details
The hacker found a PDO buffer overflow vulnerability that caused a SQL query to be truncated in a way that altered the price of all titles instead of just one.
The hacker also uncovered a vulnerability in a particular publisher-facing tool that would let a user enable or disable any title on site.
No customer or publisher data was accessed or compromised.
Details
The hacker found a PDO buffer overflow vulnerability that caused a SQL query to be truncated in a way that altered the price of all titles instead of just one.
The hacker also uncovered a vulnerability in a particular publisher-facing tool that would let a user enable or disable any title on site.
No customer or publisher data was accessed or compromised.
I can’t seem to find the original thread, for some reason. If some kind forumite who has it would post it here I’d appreciate it.