Web Application Security
Help! Blogs.ntu.edu.sg was hacked. Dec 17 2012 04:04PM
Teo En Ming \(Zhang Enming\) (singapore mr teo en ming gmail com) (3 replies)
Re: Help! Blogs.ntu.edu.sg was hacked. Dec 18 2012 07:12AM
mitchell (mitchell tufala net) (1 replies)
Re: Help! Blogs.ntu.edu.sg was hacked. Dec 18 2012 03:19PM
Jackie McBride (abletec gmail com)
RE: Help! Blogs.ntu.edu.sg was hacked. Dec 18 2012 01:24AM
Rahman, Tariq (Tariq Rahman cytec com)
Before starting on potential actions, I would suggest defining what goal are you setting for your effort? It's likely one of three possibilities:

1) You simply want to repair the solution and get back up and running as quickly as possible, ignoring how or why the hack occurred.
2) You want to get back up and running but also uncover how the hack occurred and fix it so that it does not happen again
3) You want to fix the solution, block future hacks of similar nature and also investigate who broke in so that you can potentially take legal action (if possible)

Each successive level takes more time, money and resources to achieve - which one are you focusing on?

Tariq Rahman
Supervisor/IT Risk Team
Cytec Industries Inc.

________________________________________
From: listbounce (at) securityfocus (dot) com [email concealed] [listbounce (at) securityfocus (dot) com [email concealed]] On Behalf Of Teo En Ming (Zhang Enming) [singapore.mr.teo.en.ming (at) gmail (dot) com [email concealed]]
Sent: Monday, December 17, 2012 11:04 AM
To: webappsec (at) securityfocus (dot) com [email concealed]; Teo En Ming (Zhang Enming)
Subject: Help! Blogs.ntu.edu.sg was hacked.

Dear list,

Blogs.ntu.edu.sg was hacked recently. Please search the Yahoo! search
engine for blogs @ ntu. You will observe that the Yahoo! search engine
returns results displaying nike shoe advertisements. If the user agent
is a browser or Google Bot, and the referrer is Google, traffic to
blogs.ntu.edu.sg will be redirected to http://www.newfreeshoes.com/

We have searched the wordpress directories and the mysql database but
found nothing. How can we trace what the hackers have done to
blogs.ntu.edu.sg?

Thank you very much.

--
Yours sincerely,

Mr. Teo En Ming (Zhang Enming)
Singapore

This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------

Legal Notice: This electronic communication, including any attachments, contains information from Cytec Industries Inc. or its subsidiaries that may be legally privileged, confidential, and exempt from disclosure under applicable law. If you are not the intended recipient, any use or dissemination of this communication or its attachment(s) is strictly prohibited and may be illegal. If you have received this communication in error, please notify the sender immediately, destroy any printed copies and delete it from all computers on which it may be stored.

This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------

[ reply ]
Re: Help! Blogs.ntu.edu.sg was hacked. Dec 17 2012 10:52PM
Alexander Pick (acpi mac com)


 

Privacy Statement
Copyright 2010, SecurityFocus