
BlackHat 2009: servers of well-known information security experts hacked

The BlackHat information security conference is taking place in the United States these days. Despite the defiant name, it is usually the venue where publicly known whitehat experts speak on topical security issues.
For black hats, there is no better time to strike back than the days of BlackHat, while well-known experts drink beer, give talks and advertise their security consulting in every possible way. So yesterday a number of servers belonging to well-known experts were hacked, including those of Kevin Mitnick and Dan Kaminsky, famous for his research on DNS security.

Targeted were the last year; Kevin Mitnick, one of the first hackers to be prosecuted for computer crimes; and the PerlMunks programmer community, among others.

What is surprising, however, is not the break-in itself but that it exposed the well-known problem of the “shoemaker without shoes”. Apparently, one of the intrusions was carried out through WordPress, an open source engine with a history of vulnerabilities that would not fit even on a roll of toilet paper:

Several press reports are recruitment experts, including Dan Kaminsky, Jay Beale and Kevin Mitnick were compromised. WordPress, a popular blogging platform.

Dan Kaminsky, to all appearances, was also in no hurry to follow one of the fundamental rules of information security, “do not keep important things in public places”:
During the Mitnick attack, the hackers hit the mother lode with Kaminsky. It was a question of how it was a matter of DNS DNS vulnerability, passwords and backlighting.
...
What does it mean to you? It will tell you what the practitioners need.

At sucuri.net/mirror/zf05.txt, available at the time of publication, you can read the "screenplay" of the hacks.

Source: https://habr.com/ru/post/65737/

