The following two hacking attacks have been reported in the news today.
- Anonymous has hacked the Vatican for a second time. The website for the Catholic Church, vatican.va, is currently down. Unlike the first hack, which appeared to be a typical Distributed Denial of Service (DDoS) attack, this one is more than just taking down the website. The main target of the new strike is Vatican Radio, and today’s attack is possible because of a backdoor Anonymous created for itself the first time around.
- A group of hackers calling themselves The Consortium is claiming to have accessed user data of over 70,000 users of the pornography website Digital Playground, according to Adult Video News.
In addition, here is a funny take on the recent Ruby on Rails vulnerability: https://lwn.net/Articles/485325/
For a more serious assessment, check out the following post from Errata Security on the attack, which describes the vulnerability as follows:
For those who don’t speak Russian or Ruby-on-Rails, I thought I’d translate the recent GitHub hack controversy.
The underlying issue is an “Insecure Direct Object Reference”, #4 on the OWASP Top 10 list of most important web-application vulnerabilities. It means that a hacker can change what's in the website database without having permission.