lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 7 Oct 2014 21:42:32 +0200
From: Pål Nilsen <paal.nilsen@...il.com>
To: Jonathan Hall <jhall@...uresouth.us>
Cc: fulldisclosure@...lists.org
Subject: Re: [FD] Yahoo! hacked on October 5, 2014...

I guess this is related?: https://news.ycombinator.com/item?id=8416393
On 7 Oct 2014 20:51, "Jonathan Hall" <jhall@...uresouth.us> wrote:

> I submitted to Yahoo! earlier some documentation detailing both the
> "shellshock"/bash vulnerability and how my research on it lead me to
> discovering that Yahoo!'s internal servers had been compromised, and that
> the individuals were working on traversing their network. It was not until
> I contacted several media outlets and the FBI that they actually responded.
> However, once they responded, they did confirm the servers were breached.
> Their answer to the lack of contact methods available is absolutely absurd
> in my opinion. In fact, the entire response was a joke. The fact that they
> informed me I could have used the bug bounty system to report it - though
> it's not eligible for a bounty - is equivalent to saying - "Thanks, but so
> we're clear, we don't owe you crap, but let us know if anything else comes
> up." Perhaps if they weren't busy paying CEO's absurd salaries, they could
> afford to hire an IT staff that's not fresh out of ITT Technical Institute
> and sporting pull-ups.
>
> Please see the rest of everything related to this at
> http://www.futuresouth.us/yahoo_hacked.html Andhttp://
> www.futuresouth.us/yahoo_response.jpg for their response. Email copy has
> been attached.
>
> Non-authoritative answer: Name: dip4.gq1.yahoo.com Address: 63.250.204.25
>
> Non-authoritative answer: Name: api118.sports.gq1.yahoo.com Address:
> 10.212.240.43
>
> These are the two servers that were 100% positively identified as being
> compromised, with the dip4.gq1.yahoo.com server being the initial point
> of entry via Shellshock.
>
> Jonathan D. Hall
>
> Future South Technologies
> www.futuresouth.us
> (504) 470-3748 - [main]
> (504) 232-3306 -  [cell]
>
>
> Life is a dream for the wise, a game for the fool, a comedy for the rich
> and a tragedy for the poor.
>
>
> _______________________________________________
> Sent through the Full Disclosure mailing list
> http://nmap.org/mailman/listinfo/fulldisclosure
> Web Archives & RSS: http://seclists.org/fulldisclosure/
>

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists