Security Incidents mailing list archives
RE: *MAJOR SECURITY BREACH AT CCBILL**
From: <robh () forestknoll com>
Date: Thu, 20 Dec 2001 11:36:42 +1100
And they used telnet, ftp as well as ssh for doing that? The scary thing is that people have credit card facilities on a machine accessible by telnet. Obviously CCBILL's forte' is not security. ---------------------------------------------------- Robbert Hofman forestknoll technologies www.forestknoll.com Website and network monitoring tools Phone: +61 (02) 9963 2600 Fax: +61 (02) 9365 3520 Email: robh () forestknoll com -----Original Message----- From: Dayne Jordan [mailto:djordan () completeweb net] Sent: Thursday, 20 December 2001 6:37 AM To: NESTING, DAVID M (SBCSI) Cc: incidents () securityfocus com Subject: Re: *MAJOR SECURITY BREACH AT CCBILL** Because they occasionally go in and update their software used to clear the credit cards... repair password files of authorized users of protected areas on the customers website, etc etc. D. ======== "NESTING, DAVID M (SBCSI)" wrote:
Out of curiosity, why does CCBILL need usernames and passwords on their customers' systems? -----Original Message----- From: Dayne Jordan [mailto:djordan () completeweb net] Sent: Wednesday, December 19, 2001 3:15 AM To: incidents () securityfocus com Subject: *MAJOR SECURITY BREACH AT CCBILL** It appears that perhaps tens of thousands of username/passwords for valid shell logins ALL ACROSS THE NET may have been compromised at CCBILL,
---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Re: *MAJOR SECURITY BREACH AT CCBILL**, (continued)
- Re: *MAJOR SECURITY BREACH AT CCBILL** Dayne Jordan (Dec 19)
- Re: *MAJOR SECURITY BREACH AT CCBILL** l0rtamus Prime (Dec 19)
- Re: *MAJOR SECURITY BREACH AT CCBILL** Robert van der Meulen (Dec 19)
- Re: *MAJOR SECURITY BREACH AT CCBILL** Dayne Jordan (Dec 19)
- RE: *MAJOR SECURITY BREACH AT CCBILL** Rick Darsey (Dec 19)
- Contacting t-dialin {MAJOR SECURITY BREACH AT CCBILL} Christian Vogel (Dec 20)
- Re: Contacting t-dialin {MAJOR SECURITY BREACH AT CCBILL} Damir Rajnovic (Dec 21)
- Contacting t-dialin {MAJOR SECURITY BREACH AT CCBILL} Christian Vogel (Dec 20)
- Re: *MAJOR SECURITY BREACH AT CCBILL** Matthew S. Hallacy (Dec 24)
- RE: *MAJOR SECURITY BREACH AT CCBILL** NESTING, DAVID M (SBCSI) (Dec 19)
- Re: *MAJOR SECURITY BREACH AT CCBILL** Dayne Jordan (Dec 19)
- Re: *MAJOR SECURITY BREACH AT CCBILL** Dayne Jordan (Dec 19)
- RE: *MAJOR SECURITY BREACH AT CCBILL** robh (Dec 20)
- RE: *MAJOR SECURITY BREACH AT CCBILL** jlewis (Dec 20)