Attacks/Breaches
2/6/2012
12:17 PM
Connect Directly
RSS
E-Mail
50%
50%

Who Is Anonymous: 10 Key Facts

Anonymous 'hacktivists' aim to expose what they call government and establishment hypocrisy. Take a closer look at the group, its offshoots, and its infamous attacks.
Previous
3 of 10
Next


One of the most fascinating chapters in Anonymous history concerned Aaron Barr, the CEO of HBGary Federal, who'd bragged about how he'd infiltrated Anonymous, and was set to reveal the identities of its key leaders. Anonymous responded by hacking into HBGary's email server less than 24 hours later, and claimed that a 16-year-old girl had socially engineered the social-media-friendly Barr. Anonymous (including future LulzSec leader Sabu, the rumor goes) then released a slew of emails claiming that HBGary had been retained by Bank of America--on the recommendation of the Department of Justice--to help it wage an anti-WikiLeaks campaign, after the whistle-blowing website claimed to have damning emails about the bank's practices. Other emails, meanwhile, detailed secret cyber-warfare tool-building programs, as well as legally questionable activities. Barr, meanwhile, cancelled his appearance on a DefCon July 2011 panel titled "Whoever Fights Monsters: Aaron Barr, Anonymous, and Ourselves."

Photo: Day 9 Occupy Wall Street September 25 2011 by David Shankbone, Flickr. Used with permission via a Creative Commons license.

RECOMMENDED READING

Black Hat Pwnies Nominate LulzSec, Anonymous

LulzSec Hackers Retire: Time To Rethink Risk

Cracking Bin Laden's Hard Drives

14 Enterprise Security Tips From Anonymous Hacker

Twitter Must Turn Over Records In Wikileaks Case

Previous
3 of 10
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
rjones2818
50%
50%
rjones2818,
User Rank: Moderator
5/22/2012 | 7:05:52 PM
re: Who Is Anonymous: 10 Key Facts
Interesting article. The Guy Fawkes mask idea is from the graphic novel for 'V for Vendetta' by Alan Moore and David Lloyd.
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0103
Published: 2014-07-29
WebAccess in Zarafa before 7.1.10 and WebApp before 1.6 stores credentials in cleartext, which allows local Apache users to obtain sensitive information by reading the PHP session files.

CVE-2014-0475
Published: 2014-07-29
Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable.

CVE-2014-0889
Published: 2014-07-29
Multiple cross-site scripting (XSS) vulnerabilities in IBM Atlas Suite (aka Atlas Policy Suite), as used in Atlas eDiscovery Process Management through 6.0.3, Disposal and Governance Management for IT through 6.0.3, and Global Retention Policy and Schedule Management through 6.0.3, allow remote atta...

CVE-2014-2226
Published: 2014-07-29
Ubiquiti UniFi Controller before 3.2.1 logs the administrative password hash in syslog messages, which allows man-in-the-middle attackers to obtains sensitive information via unspecified vectors.

CVE-2014-3020
Published: 2014-07-29
install.sh in the Embedded WebSphere Application Server (eWAS) 7.0 before FP33 in IBM Tivoli Integrated Portal (TIP) 2.1 and 2.2 sets world-writable permissions for the installRoot directory tree, which allows local users to gain privileges via a Trojan horse program.

Best of the Web
Dark Reading Radio