Linux Security Series: Recent Hacks of Note (FBI, House.gov,…

Top Page
Attachments:
Message as email
+ (text/plain)
+ (text/html)
+ (text/plain)
Delete this message
Reply to this message
Author: Lisa Kachold
Date:  
To: Main PLUG discussion list
Subject: Linux Security Series: Recent Hacks of Note (FBI, House.gov, Paypal, NSA, DHS, UNC, NYT, EBay, Yahoo and Apache)
FBI Jobs site: http://www.zone-h.org/news/id/4715 and
http://www.zone-h.org/mirror/id/9586698

House.gov House of Reps:
http://voices.washingtonpost.com/securityfix/2009/08/hackers_target_housegov_sites.html?wprss=securityfix

Rogue Paypal certificate available in the wild:
http://news.softpedia.com/news/Rogue-PayPal-SSL-Certificate-Available-in-the-Wild-123486.shtml

Banking theft trojan:
http://news.cnet.com/8301-27080_3-10363836-245.html?tag=newsLeadStoriesArea.1

NSA Hacked: http://www.zone-h.org/mirror/id/9678402 Jan 15, 2009

Department of HomeLand Security:
http://www.theregister.co.uk/2008/04/25/mass_web_attack_grows/

Rogue Ads hit NYT:
http://news.cnet.com/8301-1009_3-10351460-83.html?part=rss&tag=feed&subj=News-Security

Distributed brute force attacks --> Yahoo:
http://tacticalwebappsec.blogspot.com/2009/09/distributed-brute-force-attacks-against.html

Ebay warns of developer password theft:
http://blogs.zdnet.com/security/?p=4038

Apache Hacked:
https://blogs.apache.org/infra/entry/apache_org_downtime_report and
http://www.h-online.com/security/SSH-Key-compromise-takes-Apache-org-offline-Update-2--/news/114115

UNC Hacked:
http://www.networkworld.com/news/2009/092609-unc-data-breach-exposes-163000.html

Phoenix Mars WebSite:
http://www.theregister.co.uk/2008/06/02/hackers_invade_phoenix_mars_website/

NeoSploit: BBC and US Postal Service:
http://www.theregister.co.uk/2008/10/03/neosploit_powered_mass_hack_attack/

HomeOffice Crime Reduction Site UK:
http://www.theregister.co.uk/2008/06/03/home_office_crime_reduction_hack/

Google show us the SQL Inject Infections:
http://www.google.com/search?hl=en&q=%22script+src%3Dhttp%3A%2F%2F*%2F%22%22ngg.js%22|%22js.js%22|%22b.js%22&btnG=Google+Search&aq=f


(Warning don't click the links!) And on .gov sites:
http://www.google.com/search?hl=en&q=site%3A.gov+++%22script+src%3Dhttp%3A%2F%2F*%2F%22%22ngg.js%22|%22js.js%22|%22b.js%22&btnG=Google+Search&aq=f

r00t=y0u.org gets pwnd:
http://www.theregister.co.uk/2009/08/13/undergrownd_forum_pwned/

Other fun "security" news:

Zombie flash cookies:
http://www.wired.com/epicenter/2009/08/you-deleted-your-cookies-think-again/

Linux Administrators hunt wild things for fun:
Setting a trap for SSH hackers:
http://paulmakowski.wordpress.com/2009/09/28/hacking-sshd-for-a-pass_file/
Trapping Romainian SSH brute force crackers:
http://paulmakowski.wordpress.com/2009/09/30/from-pass_file-to-script-kiddies/

Man caught installing a skimmer device to a back ATM:
http://www.threatpost.com/blogs/video-man-caught-installing-skimmer-atm-114

Assa Solo Lock:
http://www.schneier.com/blog/archives/2009/08/hacking_the_ass.html

Of course, this MIT prank was also of note: MIT
http://hacks.mit.edu/Hacks/by_year/2008/toilet/

Free Websecurity from gnucitizen:
http://code.google.com/p/websecurify/downloads/list

--
Skype: (623)239-3392
AT&T: (503)754-4452
www.obnosis.com
http://www.obnosis.com/motivatebytruth/will_work_4_bandwidth.jpg
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss