RIAA wiped off the net
Print storyHacktivists at work
Posted in Enterprise Security, 21st January 2008 12:25 GMT
Free whitepaper – Vulnerability management buyer's checklist
A lack of security controls allowed hackers to "wipe" the Recording Industry Association of America's (RIAA) website on Sunday.
The existence of an SQL injection attack on the RIAA's site came to light via social network news site Reddit. Soon after hackers were making merry, turning the site into a blank slate, among other things.
The RIAA has restored RIAA.org, although whether it's any more secure than before remains open to question, TorrentFreak reports.
The RIAA's high-profile lawsuits against file sharers have made it a prime target for hack attacks, so its apparent failure to apply rudimentary security controls looks especially dumb even though, as with most such attacks, little damage was actually caused.
In other hacking news, the Church of Scientology's website reportedly came under attack last week, leaving it unavailable for parts of the weekend.
The attack was reportedly an act of hacktivism prompted by the organisation's attempts to pull a promotional video featuring Scientologist Tom Cruise from YouTube. YouTube pulled the clip, but the material has since resurfaced on Gawker.com. ®
Airport insecurity: the case of lost laptops
Jump start your Application Security initiatives
Reducing messaging and web security costs with managed services
Avoiding 7 common mistakes of IT security compliance
Extended Validation SSL Certificates
Feds: Hospital hacker's 'massive' DDoS averted
Buggy 'smart meters' open door to power-grid botnet
Microsoft knew of nasty IE bug a year before attacks
BlockMaster SafeStick hardware-encrypted USB drive