vscribe's blog

Jan 29

"Congressional Web Site Defacements Follow the State of the Union"

"Congressional Web Site Defacements Follow the State of the Union"
- Praetorian Prefect
An interesting problem that we as the US have is our denial of cyberwar. While this post isn't exactly about that, it's close. Last night, during or after the President's State of the Union Address, several congressional websites were hacked by Red Eye Crew. Why is this of interest? According to Praetorian Prefect, they were all running Joomla!

One of the defaced sites. Source: Praetorian Prefect

A partial list of the defaced sites (49 in total; again, all Joomla):

Dec 18

Twitter Hacked - could it happen to you?

On 12/17/2008 around 7:00 PM EST (according to some reports), Twitter.com was hacked by a group claiming to be the Iranian Cyber Army. The actual attack was a DNS hijacking (or DNS poisoning) that resulted in Twitter users being directed to a page of the attackers' choosing.

This old-school defacement was actually conducted by 'hijacking' the site's DNS. How they accomplished this is still unknown; the fact is they did. What exactly is DNS poisoning or hijacking?

Dec 13

Hacker exposes XSS flaw on Pentagon website

According to a recent Darkreading.com article (http://tinyurl.com/yls9s92), a hacker by the name of Ne0h has exposed a flaw in the Pentagon's public website. Ne0h demonstrated this attack in his blog post: http://tinyurl.com/ye5847b.

This is important simply as a reminder that even sites with multibillion-dollar budgets can have problems. In the Pentagon's case, this XSS, while somewhat just a demonstration, is important because a flaw was discovered, and it will surely lead many more people to try to attack.

Dec 04

Malware attacks "easily the most prevalent" in 2009

Good day and welcome to my blog courtesy of WebEnabled. I'm Tom Canavan, author of the book Joomla! Web Security and web security specialist.

A recent survey by the Computer Security Institute (http://tinyurl.com/yju2qe6) found that 43% of the attacks were malware based: code clearly bent on the destruction of your site.

Additionally, both organized crime and terrorists have jumped on the cybercrime bandwagon (http://tinyurl.com/ydm7wd4).
