October 22nd, 2014

Zone-H Defaced

Zone-H, a host of the largest website defacement archive, got defaced yesterday, December 21st. The break-in itself is an example of a multi-stage attack utilizing attack vectors ranging from social engineering and XSS vulnerability in Hotmail to remote file-inclusion flaw in Zone-H’s content management system. The end result is this:
zone-h.
Important lessons should be learned from this hack, one is that human factor still is the weakest link in the security chain as well as an existence of a promising ground for research (abuse) in Javascript, AJAX, and the like technologies.

Leave a Response

Imhotep theme designed by Chris Lin. Proudly powered by Wordpress.
XHTML | CSS | RSS | Comments RSS