lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <02fa01c25ff7$1cb5ea00$1e01320a@drizzt>
From: nexus at patrol.i-way.co.uk (Nexus)
Subject: openssl exploit code (e-secure-it owned)

> > However, you could acknowledge that we were not the
> > only one at the same time. Untold security companies
> > and  sites were defaced  by PoizonB0x and others
> > in that very same period. Including: SecurityNewsportal, CNet,
> > Attrition, Lucent. Microsoft (18 times in total?), SANS,
> > CERT,  SecurityFocus and many others.
>
> Was SecurityFocus actually defaced?  I thought they wacked an add server
> that then placed a hacked banner on the SF site.  I could be wrong though.

Defaced, yes.   Compromised, no.
http://www.attrition.org/security/commentary/secfocus.html

See http://www.attrition.org/errata/irony.html for similar amusement ;-)
Also see the ton of RFC1918 addresses and MTA banners littering the SMTP
headers of "security" firms on this list...

Cheers.



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ