Yesterday while wandering the tubes of the interweb I came across this story. It turns out that in years gone by the City of Detroit gave Saddam Hussein the key to the city. I found this rather amusing and shared it with others on Twitter. A few moments later someone informed me that coincidentally the City of Detroit’s website had been defaced. I’ve saved a copy (.zip file).
Odd timing to say the least.
Well, this morning I decided to have a look. Sure enough, it’s still defaced. I grabbed a screen shot for posterity. Call it a hunch but, I think some IT person might be on the job hunt on Monday morning.
City of Detroit: link
In a moment of severe irony the Australian Censorship Board had their website hacked (snicker) according to the folks at Wired.
This group has raised the ire of many folks concerning their attempts to censor online content. In addition to typical negative content categories they are also looking to block “websites of a tour operator, Queensland boarding kennel and a Queensland dentist. It also includes the Wikileaks website.”
From Wired:
Australia’s official online censorship board’s web page was offline Thursday, hours after hackers hijacked it to protest revelations the government was going to require ISPs to block public access to thousands of websites, many of which aren’t obscene. (including a dentist)
Anonymous hackers defaced the Censorship Board’s homepage — classification.gov.au — and restated the board’s public message in a chilling and humorous tone.
At the time of this posting (2.5 hours later) the site was still offline.
From ABC News Australia:
“Apparently without irony, ACMA threatens fines of up to $11,000 a day for linking to sites on its secret, unreviewable, censorship blacklist – a list the Government hopes to expand into a giant national censorship machine.”
Um, bite me ACMA.
For more on this story read the full article at Wired.
The alarm bells started ringing this week after the Hadron Collider at CERN went online. But, not for any problem with the system itself. Rather, a website related to it was defaced.
From The Telegraph:
Now it has emerged that, as the first particles were circulating in the machine near Geneva, a Greek group had hacked into the facility and displayed a page with the headline “GST: Greek Security Team.”
The people responsible signed off: “We are 2600 – dont mess with us. (sic)”
The website – cmsmon.cern.ch – can no longer be accessed by the public as a result of the attack.
This normally wouldn’t be too much of a problem however the network hosting the webserver was a little too close to this behemoth of a machine. How close you ask?
If they had hacked into a second computer network, they could have turned off parts of the vast detector and, said the insider, “it is hard enough to make these things work if no one is messing with it.”
Fortunately, only one file was damaged but one of the scientists firing off emails as the CMS team fought off the hackers said it was a “scary experience”.
Um, whut?
Why isn’t this 3 billion € machine segregated? This seems to be akin to attaching a SCADA network to the internet. Not this wisest idea. So what was this website running on before it got taken down? Well, as of Sept 10th it was reporting “Apache/2.2.4 (Unix) DAV/2 proxy_html/2.5 mod_jk/1.2.20 mod_ssl/2.2.4 OpenSSL/0.9.8d ” on Netcraft. Well, running a pwnable version of Apache is a good indication of how they got access.
So, CERN, looking for some infosec staff?
For the full article read on.
Tags: CERN, Hadron Collider, CMS, Defacement
Well, I have to admit I only just saw this one this morning. Since it’s a long weekend(ish) here in Canada I wasn’t planning on updating the site until Wednesday. This one is something worth sharing. I figured I’d pass it along.
A group calling itself “NetDevilz” defaced the homepages for ICANN & IANA.
Ouch.
From Websense:
Websense® Security Labs™ has received reports that the official website of ICANN and IANA Domains have been hijacked by a Turkish group called “NetDevilz”. ICANN and IANA are responsible for the Internet Protocol (IP) address space allocation, protocol identifier assignment, generic (gTLD) and country code Top Level Domain Name System management, and root server system management functions.
For the full advisory please read on.
For more on this check out Dancho Danchev’s posting on his site.
