Auditing an Oracle database for security issues is very important. provides all of the information and tools that you will need Click here for details of Limited's detailed Oracle database security audit service Click here for details of Limited's Oracle Security Training Courses
Cookie Policy:We only use essential cookies on small sections of this website. For details see here.

Welcome, Guest. Please Login.
Jan 20th, 2018, 7:16am
News: If you would like to register contact the forum admin
Home | Help | Search | Members | Login
   Pete Finnigan's Oracle Security Forum
   Security In General
(Moderator: Pete Finnigan)
   How Anonymous hacked HBGary
« Previous topic | Next topic »
Pages: 1  Reply | Notify of replies | Send Topic | Print
   Author  Topic: How Anonymous hacked HBGary  (Read 4226 times)
Marcel-Jan Junior Member

View Profile | WWW |

Gender: male
Posts: 83
How Anonymous hacked HBGary
« on: Mar 3rd, 2011, 8:07am »
Quote | Modify

Ars Technica explains how the hacker group Anonymous hacked security corporation HBGary. ide-story-of-the-hbgary-hack.ars
The gist of it:
- They used a SQL injection leak in the Content Management Software
- They found tables with users, email addresses and MD5 password hashes.
- They hacked the MD5 password hash of the CEO because his password wasn't complex enough.
- HBGary apparently used Gmail as company mail and they used the account details of the CEO to log in. It worked.
- They used social engineering to ask the system administrator to give them access to the servers.
It's a very interesting read, if only that it shows that even firms that should be security experts are apparently at risk.
« Last Edit: Mar 3rd, 2011, 8:08am by Marcel-Jan » IP Logged
Pages: 1  Reply | Notify of replies | Send Topic | Print

« Previous topic | Next topic »

Powered by YaBB 1 Gold - SP 1.4!
Forum software copyright 2000-2004 Yet another Bulletin Board