Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
No More Jail Time: LulzSec's Sabu Sentenced to Time Served
Newest First  |  Oldest First  |  Threaded View
Bprince
50%
50%
Bprince,
User Rank: Ninja
5/28/2014 | 7:06:43 PM
Short time
Not much of a penalty considering the amount of time he was facing and the activities he was involved in. Granted his cooperation was extensive, but seven months doesn't seem like much.

BP
securityaffairs
50%
50%
securityaffairs,
User Rank: Ninja
5/28/2014 | 4:56:40 PM
Re: Back online
This is a dangerous precedent. Sabu is a criminal, but it has been judged as an hero.
You can trust who has betrayed his beliefs?
We will heve 100, 1000 other SABU in the incoming months ... but they will not mitigate hacktivism cyber threat for sure.
The only way to face hacktivism is to listen their voice ... you cannot arrest an ideology.
Sara Peters
50%
50%
Sara Peters,
User Rank: Author
5/28/2014 | 3:09:36 PM
Re: Back online
@Whoopty  That's a great point. I wonder if he'll go into witness protection. And I also wonder how good the US marshalls are at the electronic side of witness protection. I mean, if anyone could track down a person who changed their identity, it's a team of criminal hackers.
Sara Peters
50%
50%
Sara Peters,
User Rank: Author
5/28/2014 | 3:07:42 PM
Re: Romancing the Hack
@Kelly  Yeah, that struck me too, as long as you choose to believe that he really did flip as quickly and eagerly as they said he did. Still, if you were facing over 20 years in prison, you'd probably want to do whatever you could to lighten your sentence.
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
5/28/2014 | 12:20:49 PM
Re: Back online
Good point, @Whoopty. He may want/need to stay under the radar for a very long time.
Whoopty
50%
50%
Whoopty,
User Rank: Ninja
5/28/2014 | 12:17:56 PM
Back online
I wonder if he'll be taking his first tentative steps back online in the next few days. Considering he's rolled over on so many other hackers, he'll have to watch his digital back for a long time to come. Must be pretty nerve racking. 
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
5/28/2014 | 7:50:38 AM
Re: Romancing the Hack
What was most interesting to me in this case was how quickly Sabu flipped, and also gave up info on other illegal hacks he had done that the the FBI didn't even know about. 
RetiredUser
100%
0%
RetiredUser,
User Rank: Ninja
5/27/2014 | 10:36:12 PM
Romancing the Hack
While the idea of renegade teams of cyber-warriors may sound appealing, ultimately the classic and safest hackers run solo and silent.  Say what you will about the actual skill-set of LulzSec, their real Achilles heel was the group itself.  With that many official, semi-official and wannabe members, there was bound to be poorly thought-out activities, arrests and sell-outs.

I think more of these bright young minds would be happier on the "white" side of the hack, rather than out there romancing it, when they realize prison, paranoia and the persistence of agencies like the CIA and FBI will no longer be part of their future.  Being in love with tech and with the hack doesn't mean you can't also be in love with your fellow human.  Let's see some more good being done out there; hack a solution to global sex trafficking or famine.


Commentary
Cyberattacks Are Tailored to Employees ... Why Isn't Security Training?
Tim Sadler, CEO and co-founder of Tessian,  6/17/2021
Edge-DRsplash-10-edge-articles
7 Powerful Cybersecurity Skills the Energy Sector Needs Most
Pam Baker, Contributing Writer,  6/22/2021
News
Microsoft Disrupts Large-Scale BEC Campaign Across Web Services
Kelly Sheridan, Staff Editor, Dark Reading,  6/15/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-2322
PUBLISHED: 2021-06-23
Vulnerability in OpenGrok (component: Web App). Versions that are affected are 1.6.7 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise OpenGrok. Successful attacks of this vulnerability can result in takeover of OpenGrok. CVSS 3.1 ...
CVE-2021-20019
PUBLISHED: 2021-06-23
A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability.
CVE-2021-21809
PUBLISHED: 2021-06-23
A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities.
CVE-2021-34067
PUBLISHED: 2021-06-23
Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file.
CVE-2021-34068
PUBLISHED: 2021-06-23
Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file.