Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Fwd: Rate Stratfor's Incident Response
From: Jeffrey Walton <noloader () gmail com>
Date: Sat, 7 Jan 2012 14:10:36 -0500

http://bolt.thexfil.es/84e9h!t was an interesting link - it
demonstrated the pwnage.

It looks like these folks gained access via PHP. Stratfor was using a
Linux based system system, but PHP was version 1.8
from 2009 (perhaps with some back patches). Current version of PHP is
5.3.8 (http://www.php.net/).

Two lessons: (1) keep your boxes patched, and (2) don't store secrets
in the plain text, or use [unsalted] MD5 to digest secrets.

Fuck me running - that's been known for years.... I think Stratfor
broke all the major tenets of data security. The company deserves
everything they get in this instance.

And I like the RickRoll - it was a nice touch which really
demonstrated a level of caring not often seen.

Jeff

On Sat, Jan 7, 2012 at 9:51 AM, Ed Carp <erc () pobox com> wrote:
ROFL!!!

---------- Forwarded message ----------
From:  <george.friedman () stratfor com>
Date: Sat, Jan 7, 2012 at 2:33 AM
Subject: Rate Stratfor's Incident Response
To: erc () pobox com


For the video announcement, please see
http://www.youtube.com/watch?v=oHg5SJYRHA0
Read full press release: http://bolt.thexfil.es/84e9h!t
Rate Stratfor's incident response:
http://img855.imageshack.us/img855/9055/butthurtreportform.jpg

Hello loyal Stratfor clients,

We are still working to get our website secure and back up and running
again as soon as possible.

To show our appreciation for your continued support, we will be making
available all of our premium content *as a free service* from now on.

We would like to hear from our loyal client base as to our handling of
the recent intrusion by those deranged, sexually deviant criminal
hacker terrorist masterminds. Please fill out the following form and
return it to me

My mobile: 512-658-3152
My home phone: 512-894-0125

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]