[AusNOG] Anonymous Threatens to Expose Data from an Australian ISP
Kym Kovan
tech-lists at mbcomms.net.au
Wed Jul 25 17:52:09 EST 2012
On 25/07/2012 16:21, Jason Leschnik wrote:
> Hmm, I wonder.
>
> http://go.bigpond.com/services/domain-hosting/premiumhosting-macromedia-coldfusion/
wow, that is seriously old. Several versions of ColdFusion ago, and
there was an upload file vulnerability in the embedded fckeditor back
then, long since patched.
>
> On Wed, Jul 25, 2012 at 4:08 PM, PRK <ausnog at digitaljunkie.net> wrote:
>> Looks like Mark's on the money.
>>
>> http://www.scmagazine.com.au/News/309766,anonymous-to-release-40gb-cache-from-hacked-isp.aspx
>>
>> "But they said the telco was "one of Australia's largest".
>>
>> The cache was said to be a 40Gb database backup and was accessed through an
>> unpatched Adobe ColdFusion vulnerability.
>>
>> The hacker said the unnamed telco later found and removed the remote shell
>> they uploaded to the server and patched the vulnerability."
>>
>> prk.
>>
>> On 2012-07-25 12:10, Mark Newton wrote:
>>
>> On Wed, Jul 25, 2012 at 11:53:33AM +0800, Damian Guppy wrote:
>>
>> > If they do follow through with these threats they aren't going to
>> > target a specific ISP, like you implied they are going to go after all
>> the
>> > ISP's at the same time and whoever gets breached first will have their
>> > information posted.
>>
>> More likely that they've already breached someone, have already
>> exfiltrated the data, and have it ready for publication right
>> now.
>>
>>
>> - mark
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>
>>
>>
>
--
Yours,
Kym Kovan
mbcomms.net.au
More information about the AusNOG
mailing list