Commentary

UPDATE: BlackHat, Kinda: 'Real' Black Hats Hack Security Experts

Sara Peters


The rumor here is that the attacks did indeed happen, but the significance of it is actually quite small--not worth paying attention to, since attention is clearly what the attackers are seeking. More info to come...

BlackHat, Kinda: Yesterday a hacking group released details (http://r00tsecurity.org/files/zf05.txt) of a number of successful attacks they conducted, apparently with the principal purpose of embarrassing some of the security industry's most well-known experts. The group claims that they collected about 75,000 passwords, including those of a few security experts speaking at the BlackHat Briefings today and tomorrow.


"Welcome one and all to the real Black Hat Briefings," reads the site. "Live from the underground, coming right at you free of charge." They go on to say: "This is a big one. We hacked notable whitehats Kevin Mitnick, Dan Kaminsky, and Julien Tinnes, among others. We continued the skiddie holocaust with darkmindz, elitehackers, hak5, binrev, and blackhat-forums. Along the way we created mass mayhem."

Note well: This has not yet been adequately verified and I don't have the skills to verify it myself. I received this from a reliable source that I have every reason to trust and no reason not to, but I'll hold off on making any personal commentary until I have more details. I intend to check in with Dan Kaminsky and Jeff Moss (whom the author also mentions) and see what I can learn.

Amid some biting criticisms (delivered in a rather juvenile tone) of well-known security experts, there is some commentary on the security industry that may be worth a bit of attention -- for example the value (or lack thereof) of penetration testing.

More details, hopefully, to come.

Sara Peters

