Posts Tagged ‘anonymous’

Anonymous attack not so anonymous

Posted by spaquet on February 18, 2011  |   Comments Off

An attack by Anonymous on security firm HBGary used a combination of software vulnerabilities and social engineering to pull off a highly sophisticated hack, it has emerged.

A brute force dictionary-based attack on these passwords allowed the miscreants to work out the login credentials used by HBGary Federal employees, including chief exec Aaron Barr and COO Ted Vera. Barr and Vera made the mistake of using the same passwords for their Twitter and LinkedIn accounts.

Crucially the same password was also used to administer a corporate email account, a failing seized upon by Anonymous to extract a cache of corporate emails which were subsequently posted as a torrent, exposing confidential emails. The emails, in turn, revealed who had access to the rootkit.com research site maintained by HBGary, and the probable root access password of the machine hosting the site. [see our article on password reuse here]

A detailed analysis of the hack can be found here.

UP4B offers a wide range of process and network analysis to make sure that your network is protected against what is really important for your business: information leak, network protection (penetration testing,…), network availability and more.

Feel free to contact us for more information on our IT Security services and get your company IT Sec ready.

DDoS as an easy way to revenge (following Julian Assange 2010 arrest)

Posted by spaquet on December 18, 2010  |   Comments Off

Anonymous has launched a broad-ranging campaign in support of Wikileaks, starting with a DDoS assault on a PayPal website.

The denial of service attack lasted for eight hours and resulted in numerous service disruptions, Panda Security reports.

The group, spawned from anarchic message board 4chan, first came to prominence with a long running campaign against the church of Scientology, its beef with the Hubbard faithful centering on their attempts to censor content from the net.

PayPal’s decision to stop processing donations for Wikileaks following its controversial publication of US diplomatic cables as well as the withdrawal of hosting services by Amazon are seen on 4chan and elsewhere as attempts to censor the whistle-blowing site, a development Anonymous intends to oppose

UP4B offers a wide range of process and network analysis to make sure that your network is protected against what is really important for your business: information leak, network protection (penetration testing,…), network availability and more.

Feel free to contact us for more information on our IT Security services and get your company IT Sec ready.