Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

9/2/2011
11:58 AM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Two Alleged High-Profile Members Of Anonymous Arrested

Meanwhile, Anonymous hacks on, dumping online what appears to be incriminating emails, personal information of Texas law enforcement officers

The member of Anonymous who went by the handle "Kayla" with the persona of a 16-year-old girl might have been two grown men: The U.K. Metropolitan Police Service today said it has arrested two men, ages 24 and 20, who allegedly operated under the online identity.

The arrests came amid what appears to be the hacktivist group's latest data dump -- emails and private information, including passwords and cell phone numbers, of Texas law enforcement officers. Anonymous says the leaked data is in protest of the arrests and dozens Anonymous suspects, and the group claims to have 3 gigabytes of private emails and documents: "We opened fire on dozens of Texas police departments and stole boatloads of classified police documents and police chief emails across the state. During the San Jose courtdate we defaced and gave out live backdoor and admin access to the website TexasPoliceChiefs.org while allied ships launched ddos attacks upon Justice.gov and other law enforcement websites. For every defendant in the anonymous 'conspiracy' we are attacking two top Texas police chiefs, leaking 3GB of their private emails and attachments," the hacktivist group said in post with the leaked data.

The San Jose reference was to yesterday's hearing held there for 14 alleged members of Anonymous, all of whom pled not guilty to felony charges of conspiracy and hacking in connection with the DDoS attacks on PayPay. Anonymous also said it knocked the California Ninth Circuit Court of Appeals website offline yesterday in further protest.

Meanwhile, the arrests of the two men in the U.K., one in Mexborough, Doncaster, South Yorkshire, and the other, Warminster, Wiltshire, were part of a global investigation with the FBI and law enforcement agencies in other parts of the world, according to the Metropolitan Police. Computer equipment from the Doncaster residence was confiscated for forensic investigation.

"The arrests relate to our enquiries into a series of serious computer intrusions and online denial-of-service attacks recently suffered by a number of multi-national companies, public institutions and government and law enforcement agencies in Great Britain and the United States," said detective inspector Mark Raymond. "We are working to detect and bring before the courts those responsible for these offences, to disrupt such groups, and to deter others thinking of participating in this type of criminal activity."

Kayla is considered to be a key member of the LulzSec splinter group of Anonymous that targeted HBGary and others. Another key figure, Topiary, has been arrested, and Sabu, one of the more vocal leaders of the group online, has not been seen on Twitter for weeks.

And earlier yesterday, Christopher Jan Weatherhead, 20, and Ashley Rhodes, 26, both from the U.K., were charged with hacking crimes in connection with Anonymous.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-10696
PUBLISHED: 2020-03-31
A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions.
CVE-2020-5344
PUBLISHED: 2020-03-31
Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based buffer overflow vulnerability. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute arbitrary code on the system by sending specially cr...
CVE-2020-5292
PUBLISHED: 2020-03-31
Leantime before versions 2.0.15 and 2.1-beta3 has a SQL Injection vulnerability. The impact is high. Malicious users/attackers can execute arbitrary SQL queries negatively affecting the confidentiality, integrity, and availability of the site. Attackers can exfiltrate data like the users' and admini...
CVE-2020-7009
PUBLISHED: 2020-03-31
Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys. An attacker who is able to generate an API key can perform a series of steps that result in an API key being generated with elevated privileges.
CVE-2019-13495
PUBLISHED: 2020-03-31
In firmware version 4.50 of Zyxel XGS2210-52HP, multiple stored cross-site scripting (XSS) issues allows remote authenticated users to inject arbitrary web script via an rpSys.html Name or Location field.