Twitter user @RuneGoldTrim has announced and alerted us to a release of a database from the (https://as.sjsu.edu) San Jose State University. The announcement came not to long ago and the attack appears to be carried out via a SQLi in the jsp file system.
The leak has resulted in data being dumped which contains the complete dump in CSV format. The dump contains all user accounts for the systems MySQL database as well as the encrypted passwords and user names. The leak was published to pastebay with the following short message and a preview of the dump, the actual file was uploaded to uppit.com as a 44mb rar file which when decompressed turns out to be a 3+ gig,
Target: Associated Students of San Jose State University (https://as.sjsu.edu/) Vuln: https://as.sjsu.edu/asts/index.jsp?val=bike_H17E Want to give a special shout out to ma homie logic! He actually did the dumping as my VPN(s) would not cooporate with me. Dude dumped it crazy fast.
Subscribe to Cyber War News
Get the latest posts delivered right to your inbox