Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
No More Jail Time: LulzSec's Sabu Sentenced to Time Served
Newest First  |  Oldest First  |  Threaded View
Bprince
50%
50%
Bprince,
User Rank: Ninja
5/28/2014 | 7:06:43 PM
Short time
Not much of a penalty considering the amount of time he was facing and the activities he was involved in. Granted his cooperation was extensive, but seven months doesn't seem like much.

BP
securityaffairs
50%
50%
securityaffairs,
User Rank: Ninja
5/28/2014 | 4:56:40 PM
Re: Back online
This is a dangerous precedent. Sabu is a criminal, but it has been judged as an hero.
You can trust who has betrayed his beliefs?
We will heve 100, 1000 other SABU in the incoming months ... but they will not mitigate hacktivism cyber threat for sure.
The only way to face hacktivism is to listen their voice ... you cannot arrest an ideology.
Sara Peters
50%
50%
Sara Peters,
User Rank: Author
5/28/2014 | 3:09:36 PM
Re: Back online
@Whoopty  That's a great point. I wonder if he'll go into witness protection. And I also wonder how good the US marshalls are at the electronic side of witness protection. I mean, if anyone could track down a person who changed their identity, it's a team of criminal hackers.
Sara Peters
50%
50%
Sara Peters,
User Rank: Author
5/28/2014 | 3:07:42 PM
Re: Romancing the Hack
@Kelly  Yeah, that struck me too, as long as you choose to believe that he really did flip as quickly and eagerly as they said he did. Still, if you were facing over 20 years in prison, you'd probably want to do whatever you could to lighten your sentence.
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
5/28/2014 | 12:20:49 PM
Re: Back online
Good point, @Whoopty. He may want/need to stay under the radar for a very long time.
Whoopty
50%
50%
Whoopty,
User Rank: Ninja
5/28/2014 | 12:17:56 PM
Back online
I wonder if he'll be taking his first tentative steps back online in the next few days. Considering he's rolled over on so many other hackers, he'll have to watch his digital back for a long time to come. Must be pretty nerve racking. 
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
5/28/2014 | 7:50:38 AM
Re: Romancing the Hack
What was most interesting to me in this case was how quickly Sabu flipped, and also gave up info on other illegal hacks he had done that the the FBI didn't even know about. 
RetiredUser
100%
0%
RetiredUser,
User Rank: Ninja
5/27/2014 | 10:36:12 PM
Romancing the Hack
While the idea of renegade teams of cyber-warriors may sound appealing, ultimately the classic and safest hackers run solo and silent.  Say what you will about the actual skill-set of LulzSec, their real Achilles heel was the group itself.  With that many official, semi-official and wannabe members, there was bound to be poorly thought-out activities, arrests and sell-outs.

I think more of these bright young minds would be happier on the "white" side of the hack, rather than out there romancing it, when they realize prison, paranoia and the persistence of agencies like the CIA and FBI will no longer be part of their future.  Being in love with tech and with the hack doesn't mean you can't also be in love with your fellow human.  Let's see some more good being done out there; hack a solution to global sex trafficking or famine.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-32066
PUBLISHED: 2021-08-01
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the c...
CVE-2021-37759
PUBLISHED: 2021-07-31
A Session ID leak in the DEBUG log file in Graylog before 4.1.2 allows attackers to escalate privileges (to the access level of the leaked session ID).
CVE-2021-37760
PUBLISHED: 2021-07-31
A Session ID leak in the audit log in Graylog before 4.1.2 allows attackers to escalate privileges (to the access level of the leaked session ID).
CVE-2020-26564
PUBLISHED: 2021-07-31
ObjectPlanet Opinio before 7.15 allows XXE attacks via three steps: modify a .css file to have <!ENTITY content, create a .xml file for a generic survey template (containing a link to this .css file), and import this .xml file at the survey/admin/folderSurvey.do?action=viewImportSurvey['importFil...
CVE-2020-26565
PUBLISHED: 2021-07-31
ObjectPlanet Opinio before 7.14 allows Expression Language Injection via the admin/permissionList.do from parameter. This can be used to retrieve possibly sensitive serverInfo data.