CONTACT_US_BRIDAL

What’s HOT in Application Security Vol #28

Sep 12, 2012 By asaphs

Web hosting company GoDaddy hacked

GoDaddy, the web hosting service provider was hacked on Monday by a supporter of Anonymous, a self-proclaimed group of rogue hackers. The attack also affected many of GoDaddy’s customers.

The attack caused GoDaddy and many of the company’s 10.5 million customer’s web sites to go down for several hours on Monday afternoon. The person behind the attack claimed that the GoDadddy and its affiliated sites collapsed under a flood of traffic caused by a DDoS attack.

This is not the first time that GoDaddy has been victim to the Anonymous hacking group. Last December the web hosting service was briefly crippled by another similar attack due to its support of a Congressional Stop Online Piracy Bill that would have made it possible for copyright owners to receive court orders to remove sites for practicing or aiding piracy. GoDaddy relented on its support for the bill after customers began transferring their sites to web hosting competitors due to fear of hacking attacks.

For more information please see:

http://bits.blogs.nytimes.com/2012/09/10/member-of-anonymous-takes-credit-for-godaddy-attack

Domino’s Pizza India website hacked

The official website of the popular pizza chain was hacked this week by the Turkish hacking group who call themselves the Ajan Hacker Group. Details of 37,000 accounts, including names, passwords and other personal account information was leaked online.

According to initial reports, the hackers used SQL injection and remote file inclusion to attack Domino’s website. More concerning was the fact that the group released the information in plain text; an easy task considering that the company had stored them as unencrypted plain text.

SQL injection and remote file inclusion are some of the most common ways of extracting information from web databases. It is also probable that the hackers obtained administrative access to other internal company domains leaving the possibility of future attacks as well.

For more information please go to:

http://www.firstpost.com/tech/dominos-pizza-india-website-hacked-by-turkish-group-451080.html

Israeli Hacker gains access to highly sensitive court documents

Israeli hacker, Moshe Halevi, was arrested this week on suspiscioun of hacking into the Israeli courts records and gaining access to several thousands of case files- many of which were extremely classified documents.

An investigation was launched several months ago when details about an extremely high profile Tel Aviv rape case were surprisingly leaked. Halevi succeeded in obtaining access to some of the most highly protected and secret security related investigations for a period of four years. Some of the most high profile cases are the ones relating to the former prime minister and a highly secretive espionage case.

Hackers launch DDoS attacks on UK, US and Swedish Government Websites

In a bid to embarrass countries who are pursuing Wikileaks founder Julian Assange, hackers have launched a series of DDoS attacks on UK, US and Swedish government websites. Last week Swedish websites that were affected by the attack included its armed forces and the Swedish institute. Sites in the US that were affected included the US department of State, Department of Education and Harvard University. Similarly, in the UK, the MI5 site sis.gov.uk and mi5.gov.uk were reportedly down for a number of hours.

The latest attacks are part of a series of hacker campaigns in support of Wikileaks founder Julian Assange.

For more information please go to:

http://www.computerworld.in/news/hacktivists-launch-ddos-attacks-uk-us-and-swedish-government-websites-27282012

Image credit: bloggerfinds.com

The following two tabs change content below.

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Get a Checkmarx Free Demo Now

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.