Full Disclosure mailing list archives

Re: Fwd: Rate Stratfor's Incident Response


From: Jeffrey Walton <noloader () gmail com>
Date: Sat, 7 Jan 2012 14:10:36 -0500

http://bolt.thexfil.es/84e9h!t was an interesting link - it
demonstrated the pwnage.

It looks like these folks gained access via PHP. Stratfor was using a
Linux-based system, but PHP was version 1.8
from 2009 (perhaps with some back patches). The current version of PHP is
5.3.8 (http://www.php.net/).

Two lessons: (1) keep your boxes patched, and (2) don't store secrets
in plain text, or use [unsalted] MD5 to digest secrets.

Fuck me running - that's been known for years.... I think Stratfor
broke all the major tenets of data security. The company deserves
everything they get in this instance.

And I like the RickRoll - it was a nice touch which really
demonstrated a level of caring not often seen.

Jeff

On Sat, Jan 7, 2012 at 9:51 AM, Ed Carp <erc () pobox com> wrote:
ROFL!!!

---------- Forwarded message ----------
From: <george.friedman () stratfor com>
Date: Sat, Jan 7, 2012 at 2:33 AM
Subject: Rate Stratfor's Incident Response
To: erc () pobox com


For the video announcement, please see
http://www.youtube.com/watch?v=oHg5SJYRHA0
Read full press release: http://bolt.thexfil.es/84e9h!t
Rate Stratfor's incident response:
http://img855.imageshack.us/img855/9055/butthurtreportform.jpg

Hello loyal Stratfor clients,

We are still working to get our website secure and back up and running
again as soon as possible.

To show our appreciation for your continued support, we will be making
available all of our premium content *as a free service* from now on.

We would like to hear from our loyal client base as to our handling of
the recent intrusion by those deranged, sexually deviant criminal
hacker terrorist masterminds. Please fill out the following form and
return it to me.

My mobile: 512-658-3152
My home phone: 512-894-0125

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
