Auditing an Oracle database for security issues is very important. PeteFinnigan.com provides all of the information and tools that you will need Click here for details of PeteFinnigan.com Limited's detailed Oracle database security audit service Click here for details of PeteFinnigan.com Limited's Oracle Security Training Courses
Cookie Policy:We only use essential cookies on small sections of this website. For details see here.

Welcome, Guest. Please Login.
Nov 19th, 2017, 4:38am
News: Welcome to Pete Finnigan's Oracle security forum
Home | Help | Search | Members | Login
   Pete Finnigan's Oracle Security Forum
   Security In General
   Security
(Moderator: Pete Finnigan)
   How Anonymous hacked HBGary
« Previous topic | Next topic »
Pages: 1  Reply | Notify of replies | Send Topic | Print
   Author  Topic: How Anonymous hacked HBGary  (Read 4161 times)
Marcel-Jan
PeteFinnigan.com Junior Member
**






   
View Profile | WWW |

Gender: male
Posts: 83
How Anonymous hacked HBGary
« on: Mar 3rd, 2011, 8:07am »
Quote | Modify

Ars Technica explains how the hacker group Anonymous hacked security corporation HBGary.  
http://arstechnica.com/tech-policy/news/2011/02/anonymous-speaks-the-ins ide-story-of-the-hbgary-hack.ars
 
The gist of it:
- They used a SQL injection leak in the Content Management Software
- They found tables with users, email addresses and MD5 password hashes.
- They hacked the MD5 password hash of the CEO because his password wasn't complex enough.
- HBGary apparently used Gmail as company mail and they used the account details of the CEO to log in. It worked.
- They used social engineering to ask the system administrator to give them access to the servers.
 
It's a very interesting read, if only that it shows that even firms that should be security experts are apparently at risk.
« Last Edit: Mar 3rd, 2011, 8:08am by Marcel-Jan » IP Logged
Pages: 1  Reply | Notify of replies | Send Topic | Print

« Previous topic | Next topic »

Powered by YaBB 1 Gold - SP 1.4!
Forum software copyright 2000-2004 Yet another Bulletin Board