UPDATE: BlackHat, Kinda: 'Real' Black Hats Hack Security Experts
<i>UPDATE: The rumor here is that the attacks did indeed happen, but the significance of it is actually quite small--not worth paying attention to, since attention is clearly what the attackers are seeking. More to come.</i>
UPDATE: The rumor here is that the attacks did indeed happen, but the significance of it is actually quite small--not worth paying attention to, since attention is clearly what the attackers are seeking. More to come.
BlackHat, Kinda: Yesterday a hacking group released details (http://sh0dan.org/zf05.txt) of a number of successful attacks they conducted, apparently with the principal purpose of embarrassing some of the security industry's most well-known experts. The group claims that they collected about 75,000 passwords, including those of a few security experts speaking at the BlackHat Briefings today and tomorrow.
"Welcome one and all to the real Black Hat Briefings," reads the site. "Live from the underground, coming right at you free of charge."They go on to say: "This is a big one. We hacked notable whitehats Kevin Mitnick, Dan Kaminsky, and Julien Tinnes, among others. We continued the skiddie holocaust with darkmindz, elitehackers, hak5, binrev, and blackhat-forums. Along the way we created mass mayhem."
Note well: This has not yet been verified and I don't have the skills to verify it myself. I received this from a reliable source that I have every reason to trust and no reason not to, but I'll hold off on making any personal commentary until I have more details. I intend to check in with Dan Kaminsky and Jeff Moss (whom the author also mentions) and see what I can learn.
Amidst some biting criticisms (delivered in a rather juvenile tone) of well-known security experts, there is some commentary on the security industry that may be worth a bit of attention--for example the value (or lack thereof) of penetration testing.
More details, hopefully, to come.
About the Author
You May Also Like
Transform Your Security Operations And Move Beyond Legacy SIEM
Nov 6, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024