Discussion in 'tech' started by Lain, 11 Jun 2011.
Citigroup acknowledges data security breach
Must not use Macs
Hack of the Day.
Sound of castles crumbling
I love when the 'scene' has been infiltrated. Sounds so dirty.
FBI infiltrates US hacker scene
Hacker Pro Tip: Never work with a partner
Hacker Pro Tip: Never hack if you are afraid of prison and easily intimidated
Hacker Pro Tip: Adrian Lamo is a douche
Hacker Pro Tip: Bragging (confiding) is the fastest way to get your ass in a sling
People who want fame and fortune are in the wrong profession if they've chosen hacking. It's not the same rollercoaster ride as the drugged up rock star train, and when it's over no one's buying your greatest hits albums to support your lifelong habit.
Which historically is how most hackers are caught
This is inaccurate. Most 'hackers', and I use the term loosely, are caught because their ego's begin writing checks their skillset can't cover, and eventually gets them pinched (usually by bragging about their stupidity).
The FBI has never been successful at accomplishing much 'on the scene' or whatever the fuck that's supposed to be. It's not like kids gathered in the local parking lots listening to their stereos and comparing notes on who's got the coolest ride.
This applies to several other categories of 'major crimes' as well. It's just one of those things that law enforcement tries to downplay, for the most part, partially because they don't want the perps to wise up, and partially because it lets them keep pushing out the myth that the jerks were caught through the cops' "super-ninja-sleuthing abilities", instead of DUMB FUCKIN' LUCK...
26,000 sex website passwords exposed by LulzSec
And sometimes hackers are just fooling around and can't believe they got into a server. I was just punching keys around a couple weeks ago and got into a file server and saw all the serial numbers for their company's software and then went -- DOH! I'm not on a proxy!
Yes the ever increasing degradation in the development of software and security policies helps ensure the occasional Wargames scenario is inevitable. What's sad is when those accidental happenings are blamed on the hapless user, rather than the piss poor development team or the lackluster IT Security 'professionals' charged with securing the resources in question.
'Shall we play a game?'
Anonymous targeting Federal Reserve in next attack
Hackers break into Senate computers
WASHINGTON (Reuters) – The Senate's website was hacked over the weekend, leading to a review of all of its websites, in the latest embarrassing breach of security to hit a major U.S.-based institution.
The loosely organized hacker group Lulz Security broke into a public portion of the Senate website but did not reach behind a firewall into a more sensitive portion of the network, Martina Bradford, the deputy Senate sergeant at arms, said on Monday.
Despite the breach, the Sergeant at Arms Office, which provides security for the Senate, said that the breach had not compromised any individual senator's information.
Lulz announced the hack on Monday.
"We were responding to their allegations. Basically what we're saying that the server they got into is for public access and is in the public side," said Bradford.
Lulz Security, who have hacked into Sony's website and the Public Broadcasting System, posted online a list of files that appear not to be sensitive but indicate the hackers had been into the Senate's computer network.
"We don't like the U.S. government very much," Lulz Security said at the top of their release. "This is a small, just-for-kicks release of some internal data from Senate.gov - is this an act of war, gentlemen? Problem?"
The comment refers to reports that the military had decided that it could respond to cyber attacks from foreign countries with traditional military force.
Senate staffers were alerted about the breach late Monday.
"Although this intrusion is inconvenient, it does not compromise the security of the Senate's network, its members or staff," Bradford said in a statement. "Specifically, there is no individual user account information on the server supporting senate.gov that could have been compromised."
"The hackers may have done the equivalent of burglarizing the Senate and bragging because they managed to steal a bunch of souvenirs from the gift shop," said Stewart Baker, a former cyber official at the Department of Homeland Security. He is now with the law firm Steptoe and Johnson.
The Senate has been the frequent target of hacking attacks, with tens of thousands thwarted each month, Senate Sergeant at Arms Terrance Gainer told Reuters in early June.
Still, the break-in is just the latest in a series of embarrassing hacks against companies and organizations.
The International Monetary Fund has been hit, as have Lockheed Martin Corp, Citigroup Inc, Google and Michaels Stores.
The break-in would cause embarrassment at the Senate, said John Bumgarner of the Cyber Consequences Unit, a think tank.
"They're all valid directories," he said after looking at data that Lulz posted online. "This is an especially embarrassing incident for the Senate, because they are often asking others to explain why their cybersecurity programs have failed."
"The information disclosed online ... shows that the intruders had administrator-level access to the Senate server. This access could have potentially been used as a jump-off point to compromise other systems in the network," he said.
Lulz, which is Internet slang for 'laugh out loud,' has claimed hacks into websites owned by Sony Corp. It has also claimed responsibility for defacing the Public Broadcasting Service network websites, and for posting on Monday data from PBS servers to protest a "Front Line" documentary about WikiLeaks.
Lulz claimed credit for breaking into a Fox.com website and publishing data about contestants for the upcoming Fox TV talent show, "X Factor." Fox is a unit of News Corp.
Another loosely affiliated hacking group, Anonymous, gained prominence when it temporarily crippled the websites of MasterCard, Visa and PayPal after they cut off financial services to WikiLeaks.
It has also attacked websites in Syria, Tunisia, Egypt and India for political reasons.
LULZsec brought EVE Online, offline with a DDoS.
DDOS is pretty lame. A 12 year old with a few free server web accounts could do that crap.
Actually, if the system is configured properly it should be fairly difficult to bring down a system like Eve. This is probably a case of bad network practices combined with an abundance of script kiddies with too much time on their hands.
Is it summer after all, schools out and no one goes to summer camp anymore.
Tell the kid he is going to 'Espionage Camp'. When they are walking up the block, have a black van drive up, two guys jump out, throw a sack over the kid's head, throw him in the van and screech off. They can return him in September.
That's totally insane but it might scare some of these little pricks straight. Too much WoW mentality going around these days.
Everything is susceptible to DDOS -- there is no defense if the attack is strong enough. Its just a flood of packets that are more than a system can handle, and every system has a point where it can no longer handle packets. More the fault of companies that offer free web hosting -- which will be a thing of the past very shortly if this continues.
DDOS is a no-brainer attack. Its all muscle and no skill.
Send them to China to goldfarm for the summer. "If you can't do the virtual time, don't do the virtual crime."