Attacks/Breaches
12/8/2011
08:39 AM
Tim Wilson
Tim Wilson
Quick Hits
50%
50%

Resurgent LulzSec Attacks Government Sites In Portugal

Hacktivist group responds to reports of police brutality in country

The hacktivist group LulzSec was back in action last week, launching distributed denial-of-service (DDoS) attacks on government websites in Portugal.

The group says it was driven to the attacks by Portuguese austerity measures, social inequalities, and recent police violence against demonstrators during a protest on Nov. 24, according to news reports.

On Friday, LulzSec Portugal launched a DDoS attack against the website of Banco de Portugal (Bank of Portugal), making the site inaccessible, according to the reports. In addition to taking down the Bank of Portugal website, LulzSec Portugal has been credited with successful attacks on numerous state services. Earlier this week, LulzSec disabled the websites of the Portugal House of Parliament, several political parties, and the national police.

Last Sunday, LulzSec Portugal released the name, rank, identification number, contact information, and employment history for more than 100 national police officers believed to have taken part in the police. "2011 is the year of revolutions and the biggest hacks in history (until now ..)," the group said in an online statement. "We are creating a way for the revolution global."

Have a comment on this story? Please click "Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message. Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-0547
Published: 2015-07-04
The D2CenterstageService.getComments service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended read-access restrictions via unspecified vectors.

CVE-2015-0548
Published: 2015-07-04
The D2DownloadService.getDownloadUrls service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended read-access restrictions via unspecified vectors.

CVE-2015-0551
Published: 2015-07-04
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before P2...

CVE-2015-1966
Published: 2015-07-04
Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before FP17, 6.2.1 before FP9, and 6.2.2 before FP15, as used in Security Access Manager for Mobile and other products, allow remote attackers to inject arbitrary web script or HTML via a crafte...

CVE-2015-2964
Published: 2015-07-04
NAMSHI | JOSE 5.0.0 and earlier allows remote attackers to bypass signature verification via crafted tokens in a JSON Web Tokens (JWT) header.

Dark Reading Radio
Archived Dark Reading Radio
Marc Spitler, co-author of the Verizon DBIR will share some of the lesser-known but most intriguing tidbits from the massive report