Tag: Web Defacement
-
Deconstructing the Defacer Challenge Hoax/FUD
[This was written with Richard Forno and originally published on attrition.org.] On June 21, 2003, a small web site was created to harnass the competitive nature of the defacing community by holding a contest of computer vandalism. Several computer security companies took this event as an opportunity to whore themselves out to any media outlet…
-
SecurityFocus Defaced? Kind of.
[This was originally published on attrition.org. Jay Dyson and Simple Nomad contributed to this post.] Earlier today, various people/sites were reporting that SecurityFocus.com had been defaced. Initial inspection of the screenshots suggested this was the case, but further digging revealed what really happened. First, one must define a ‘defacement’. In the years of running the…
-
Commentary on Patriotic Hacking
[This was originally published on attrition.org.] Attrition staff have been getting several mails warning of impending “patriotic hacking” in retaliation for the terrorist attacks on September 11. Some are from the usual opportunists, exploiting world-wide attention on the recent terrorist attacks to further their own agenda. Others are from people who just want to do…
-
Lessons Learned From attrition.org / Mirror Image
B.K. and I did a talk about our experience running the Attrition defacement mirror at BlackHat Briefings USA 2001.
-
A Note on Security Disclosures
[This was originally published in ;Login magazine. A pretty PDF version is available with the charts that are missing below.] In recent months, a handful of outspoken security professionals have begunto openly challenge the philosophy of full disclosure. For years, most ofus in the security community have held this philosophy as a basic tenantof vulnerability…
-
Defacement-Commentary Address
[This was originally published on attrition.org.] “CyberWar Rages in the Middle East!!! YOUR Servers could be next!!!“ This is the kind of crap coming out of so-called security companies and news media lately. The real irony is that they are using data from the Attrition web defacement mirror to support their hyped conclusions. Let’s take…
-
Feds, Felons, and Flakes: Reflections on the Attrition Mirror
In 2000, Matt, Dale, and myself did a presentation at BlackHat Briefings in Las Vegas on the Attrition defacement mirror, after we had concluded the project. Below is the summary and one slide from the stats for perspective. This presentation covered the basics of running the Defacement Mirror, problems we ran into, the mirror process,…
-
CERT Rides the Short Bus
[This was originally published on attrition.org.] One of the resources Attrition.org provides is mirroring defaced web pages. One of the related services is running three mail lists revolving around defaced web pages. We offer three different mail lists to accommodate people wishing to stay abreast of the latest defacements: defaced – this list receives one…
-
“It Is Good Beating Proud Folks..”
[This was originally published on attrition.org.] “It is good beating proud folks, for they will not complain“ William Knowles pointed me to www.realspy.com today, as they had apparently changed their web page after a recent defacement. Below is the message currently up on their server: Due to hackers rewriting my pages from others websites, we will be…
-
Ex-Game: (Untitled)
[This was the second article I did for Ex-Game magazine (print mag in Japan). It was titled as my name and labeled “Original Document”. It was subsequently mirrored on attrition.org.] In the past few years, Japan has seen very few incidents of web sites being defaced. From 1995 to January of 2000, there were only…