|
|
發表於 2011-8-31 14:35:21
|
顯示全部樓層
本帖最後由 MsLittle 於 2011-8-31 14:37 編輯
假波男 發表於 2011-8-30 18:44
這個討論,或者轉一個方向吧,
其實,hacking系經常性,
記得我仲系呢行時,每晚總有
As an illustration here is some security news of the last few days.
Source: http://www.sans.org/newsletters/ ... 68&rss=Y#sID304
British Man Charged in Connection With Anonymous DDoS Attack (August 25)
A 22-year old student named as Peter David Gibson has been charged by British police for his alleged role in Distributed Denial of Service attacks carried out earlier this year under the banner of the Anonymous collective. Gibson was one of six people arrested in April by members of the Police Central e-Crime Unit (PCeU) for their allegedly taking part in the DDoS attacks carried out last January against a number of companies including MasterCard and PayPal. Gibson was charged with conspiracy to "do an unauthorized act in relation to a computer, with intent to impair the operation of any computer or prevent or hinder access to any program or data held in a computer or to impair the operation of any such program or the reliability of such data," contrary to Section 1(1) of the Criminal Law Act 1977. He is due to appear before Westminster magistrates court in London on September 7 to face the charges.
(The British police took 8 months to find their guy whereas the HK police took several days to find the HKEX scapegoat!)
Apache Warns of Denial-of-Service Attack Vulnerability (August 24)
A warning has been issued to owners of websites powered by the Apache webserver software of a vulnerability which can be exploited using a relatively low number of requests directed at the server to cause a Denial of Service condition. A tool to exploit the vulnerability called "Apache Killer" has been released onto the Internet. The vulnerability was originally identified over four years ago and impacts servers running all versions in the 1.3 and 2.0 releases. A patch for the vulnerability should be released by the evening of August 26, but as release 1.3 is no longer supported, the patch will only apply to versions 2.0 and 2.2.
U.S. Firms Targeted In Online Sabotage Attack (August 23)
The FBI is investigating what appears to be an online sabotage attack which took place last year against a number of US online firms specializing in selling batteries online. In total the attacks, which happened in October 2010, have caused victims estimated financial losses of more than US$ 600,000. Analysis of the audit logs on the victims' servers indicate the attacks appear to have originated from botnets controlled by IP addresses located within Russia. While the attacks may have originated Russia, it is believed that they were sponsored by a US based competitor of the victim companies looking to inflict financial losses.
Security Breach Exposes 20,000 Log-ins (August 24)
A security breach at an events management company, Allianceforbiz.com, has exposed sensitive personal data belong to 20,000 people, including a large number of US government employees and contractors. The information was released in a spreadsheet posted to the Internet; it contained usernames, passwords, email addresses and whether the individual worked for a US government agency. Allianceforbiz.com is a trade show management company that manages conferences, meetings and trade shows on behalf of its customers. The individual claiming responsibility for the attack is said to be a supporter, but not a member, of the infamous Anonymous organization already linked to a myriad of break-ins to systems and applications worldwide.
Ukrainian Authorities Arrest Suspected Credit Card Fraud Gang (August 22)
In a statement released on Monday, the Ukraine's security service, SBU, said that earlier this month it arrested four people suspected of being in a gang responsible for up to US$ 20 million in fraudulent credit card transactions. The four accused are alleged to have broken into the computer systems of Ukrainian and international financial institutions and to have stolen the information necessary to create fake credit cards. The SBU stated that as part of the arrests, it also seized computer systems and equipment containing 100,000 financial records of individuals.
|
|
樓主: liondog
在線雷達
