The website of BitDefender has been hit by hackers for the second time in a week.
According to a post on the hackersblog.org website, a vulnerability persists which gives access to the database.
The poster claimed: “It is frustrating and very annoying for a company the size and fame of BitDefender to have no contact email address on their website. On their contact link, you can send a few words to the webmaster, which I did and to which I didn't get any reply. And the vulnerability persists.
“This parameter gives access to the DB. I will not publish too much now as I am waiting for the problem to be solved.”
The poster, who goes by the name Unu, claimed that the vulnerable parameter is in the news section and ‘has a strange behaviour' when tested with an SQL injection.
See original article on scmagazineuk.com