Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Incompetent DDoS Security Company Gets Hacked
#1
Thumbs Down 
http://arstechnica.com/security/2016/03/...y-company/
Telnet. That is unbelievable.
Quote:The dump, in a hacker "e-zine" format, begins with a note from the attacker. Sarcastically titled "TIPS WHEN RUNNING A SECURITY COMPANY," it details the security holes found during the breach:
  • Use one root password for all the boxes
  • Expose PDU's [power distribution units in server racks] to WAN with telnet auth
  • Never patch, upgrade or audit the stack
  • Disregard PDO [PHP Data Objects] as inconvenient
  • Hedge entire business on security theatre
  • Store full credit card info in plaintext
  • Write all code with wreckless [sic] abandon
Valve hater, Nintendo hater, Microsoft defender, AMD hater, Google Fiber hater, 4K lover.
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)