Feeds

Anonymous pwns security firm that probed its membership

HBGary gets the ACS:Law treatment

Top 5 reasons to deploy VMware with Tegile

The Anonymous hacking collective took revenge on a security firm that had investigated its membership on Sunday.

HBGary Federal has been seeking to uncloak the identities of senior members of Anonymous involved in attacks against financial services firms, such as PayPal and Mastercard, that had suspended accounts run by WikiLeaks. The security consultancy had infiltrated IRC chat sessions and Facebook groups used by core members of the Anonymous collective. HBGary Federal wanted to present its research at an upcoming security conference.

In response, Anonymous did a number on HBGary by hacking into its email system and uploading 60,000 emails onto file-sharing networks. Anonymous also defaced HBGary's website with an image explaining their motives as well as taking over the Twitter feed of HBGary's chief exec, Aaron Barr, to tweet abuse as well as supposed details of his home address and social security number. LinkedIn accounts of other senior HBGary execs were also targeted for attack.

Anonymous also posted HBGary's research of the hacking collective, claiming that the names and addresses of Anonymous members gleaned by the firm are largely bogus. The techniques and methods employed during the attack remain unclear.

HPGARYisdown2

The assault is far more sophisticated than the usual denial of service attacks deployed by Anonymous volunteers against organisations that earn its displeasure, such as entertainment industry firm-hassling file-sharing sites and the Church of Scientology as well as as those refusing to cash WikiLeaks' cheques.

The assault on HBGary follows the same pattern as a previous assault against ACS:Law, a controversial legal firm that ran a business sending threatening letters to alleged file-sharers.

HBGary's website had been replaced by an "under construction" holding page at the time of writing. Rootkit.com, a research site maintained by HBGary, and also hit by the attack remains unavailable. ®

Beginner's guide to SSL certificates

Whitepapers

Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Simplify SSL certificate management across the enterprise
Simple steps to take control of SSL across the enterprise, and recommendations for a management platform for full visibility and single-point of control for these Certificates.