Anatomy of the HBGary Hack
PCM2 writes "Recently, Anonymous took down the Web sites of network security firm HBGary. Ars Technica has the scoop on how it happened. Turns out it wasn't any one vulnerability, but a perfect storm of SQL injection, weak passwords, weak encryption, password re-use, unpatched servers, and social engineering. The full story will make you wince — but how many of these mistakes is your company making?"
The story of their being hacked and how it was done has probably done more for systems security than they as a company ever have...
Looks like they got taken out by Little Bobby Tables...
http://xkcd.com/327
http://www.object404.com
It's more like a fire station burning down because the fire chief was being paid by the mayor to make Molotov cocktails and throw them at local teenagers and one day they decided to throw one back and instead of putting the fire out the firemen screamed and ran around in circles and poured gasoline on it and the fire station exploded. But, yeah.
"I assumed blithely that there were no elves out there in the darkness"
Watson: What is "http://www.hbgaryfederal.com/pages.php?pageNav=2&page=27" Alex