Educause Security Discussion mailing list archives
Re: Multiple .edu sites reportedly victims of db theft
From: "Milford, Kim" <kmilford () IU EDU>
Date: Mon, 9 Feb 2015 16:48:56 +0000
REN-ISAC serves as the Computer Security Incident Response Team (CSIRT) for the higher education community. When we receive information regarding cybersecurity incidents, we analyze the information available and notify impacted institutions. As part of the CSIRT activities, we track incidents reported on security lists, including this one, and process reports of cybersecurity incidents accordingly. More about the CSIRT service can be found here: http://www.ren-isac.net/csirt/. REN-ISAC is increasingly seeing in the use of pastebin as a site for the publication of compromised institutions and credentials as well as details from hacks. We're working to automate CSIRT activities to allow for more timely analysis and notification of pastebin dumps, thereby allowing victims to respond more readily. Feel free to report incidents directly to us at soc () ren-isac net or (317)274-7228. Kim Milford Executive Director REN-ISAC 2719 E. 10th Street, Suite 201 / Bloomington, IN 47408 office: +1(317) 278-4815 / cell: +1(317) 625-7800 / fax: +1(812) 856-7400 kmilford () ren--isac net Indiana University Research Education Network - Information Sharing and Analysis Center / ren-isac.net 24x7 Watch Desk: +1(317) 278-6630, soc () ren-isac net -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Alan Amesbury Sent: Thursday, February 5, 2015 1:15 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Multiple .edu sites reportedly victims of db theft On Feb 5, 2015, at 11:47 , Frank Barton <bartonf () HUSSON EDU> wrote:
Has any more information come to light as to how these institutions were compromised?
This was recently published:
http://t.co/3ZpdkRltvh
Regardless of whether this was written by the perpetrator, it tracks well with what we know so far of the attacker's
methodology.
--
Alan Amesbury
University Information Security
Current thread:
- Re: Multiple .edu sites reportedly victims of db theft, (continued)
- Re: Multiple .edu sites reportedly victims of db theft Hudson, Edward (Feb 03)
- Re: Multiple .edu sites reportedly victims of db theft Colleen Blaho (Feb 03)
- Re: Multiple .edu sites reportedly victims of db theft Keller, Alex (Feb 03)
- Re: Multiple .edu sites reportedly victims of db theft John Ladwig (Feb 03)
- Re: Multiple .edu sites reportedly victims of db theft Carson, Larry (Feb 03)
- Re: Multiple .edu sites reportedly victims of db theft John Stauffacher (Feb 03)
- Re: Multiple .edu sites reportedly victims of db theft John Stauffacher (Feb 03)
- Re: Multiple .edu sites reportedly victims of db theft John Ladwig (Feb 03)
- Re: Multiple .edu sites reportedly victims of db theft Frank Barton (Feb 05)
- Re: Multiple .edu sites reportedly victims of db theft Alan Amesbury (Feb 05)
- Re: Multiple .edu sites reportedly victims of db theft Milford, Kim (Feb 09)