Secunia has been hacked by TurkGuvenligi, I believe its a defacing hack but just so people know I though I would post this know, I'm sure this will be sorted by morning. I believe its a redirection but not sure. This defacement of sites by the peace crew has happened before.
Still down at 07.00AM today, says a lot about Secunia and "security" that they have not even taken their site off line after all these hours.
Quote from: DorsetBoy on Nov 25, 2010, 07:06:39
Still down at 07.00AM today, says a lot about Secunia and "security" that they have not even taken their site off line after all these hours.
Thats bad Dorset :shake: Sorry about the Typos in that message I was very tired :red: Secunia was hacked at least 8 hours ago, or the DNS was redirected, I am surprised no one did anything :shake:
That is worrying when it happens to a security firm. :shake:
http://isc.sans.edu/diary.html?storyid=9994&rss
After the YouTube problems of the weekend it makes you think the whole 'net is becoming vulnerable, doesn't it.
Quote from: DorsetBoy on Nov 25, 2010, 09:28:21
http://isc.sans.edu/diary.html?storyid=9994&rss
They have done this before, I think the same Turkish movement did it to msn in New Zealand by redirecting DNS searches to New Zealands msn new pages.
Quote from: Rik on Nov 25, 2010, 09:32:46
After the YouTube problems of the weekend it makes you think the whole 'net is becoming vulnerable, doesn't it.
It is, Rik. :(
If the DNS was fiddled with it may well have been corrected but the changes can take 24-48 to filter through the root servers.
Quote from: pctech on Nov 25, 2010, 09:35:14
If the DNS was fiddled with it may well have been corrected but the changes can take 24-48 to filter through the root servers.
Could be, Mitch.
I know when I registered my .com which I use for mail in 2005 it took about 48 hours for the changes to be visible across the net.
Well, these things will keep happening and they have been happening for years. There must be a lot of kudos for hackers to break a security site's security. I posted this one about Kaspersky just under two weeks ago, though Rik was the only one who noticed :bawl:
Quote
Kaspersky download site hacked to spread fake AV
UPDATE: According to a report in ITPro by Jennifer Scott, Kaspersky have been in touch to confirm that their servers were in fact compromised and the redirection was very real. The breach was made by exploiting "a third party app used for site admin". The malicious redirection was in place for three and a half hours.
More here (http://countermeasures.trendmicro.eu/kaspersky-download-site-spread-fake-av/)
The most powerful tool against these things taking hold is vigilance. The Kaspersky hack was malicious. This Secunia one is merely embarrassing.
Quote from: armadillo on Nov 25, 2010, 14:09:12
I posted this one about Kaspersky just under two weeks ago, though Rik was the only one who noticed :bawl:
I try. ;) But then note the name of the author. ;D
Wasn't the idea of DNSSEC to prevent this?