Alleged Foxconn hack allowed bogus orders to be placed for vendors

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.appleinsider.com/articles/12/02/09/alleged_foxconn_hack_allowed_bogus_orders_to_be_placed_for_vendors.html

By Josh Ong
Apple Insider
February 9, 2012

A "Greyhat" hacking group announced this week that it had successfully 
hacked contract manufacturer Foxconn and released usernames and passwords 
for vendors that could be used to place fraudulent orders for companies 
like Apple and Microsoft.

Swagg Security published a statement on Wednesday taking credit for 
hacking the company's servers. The group cited "the hilarity that ensues 
when compromising and destroying an infrastructure" as the reason for its 
actions.

They did, however, also state that they were "considerably disappointed" 
with the inhuman working conditions at Foxconn and were also "slightly 
interested in the existence of an Iphone 5," but they denied that those 
were reasons for their hack.

"We aim to to reshape your perspectives, our perspectives, by the inducing 
of entertainment. A unique approach to spreading a unique philosophy which 
brings the sought after tranquility. In a way we are "hacktivist", but in 
our own views we are Greyhats," the group wrote.

[...]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Small, inexpensive USB drives pose huge threats to organizations left unprotected. 
Download Chapter 1 of CREDANT Technologies eBook
Data Protection to the Rescue
http://www.credant.com/campaigns/external_media_ebook/chapter1/lp/