• Subscriber/Sign In
  • Register
  • About Us
isssource.com
  • Home
  • Eguide: Overcoming the Industrial Cyber Security Skills Gap
  • Register
  • News
    • Careers
    • Government
    • Incidents
    • Industry Voices
    • Products and Services
    • Sending it Your Way
    • Technology Update
    • Views
  • Profile
  • Research
  • User Profile
  • Events
  • Login
  • Lost Password
  • Training & Certification
  • Transactions
  • White Papers
  • Membership Details
  • Subscribe Now
  • Membership Contents
  • Archives

Breaking News

  • Fukushima Report: Robot Lifts Melted Fuel
  • TÜV, Nozomi Ink Partnership Pact
  • Pangea Patches Bypass Vulnerability
  • Fuji Fixes FRENIC Devices
  • ARC: Safety and Profitability Work Together
  • Public Needs to Know About Chem Releases: Judge
  • Robot Testing Radioactive Fuel at Fukushima
  • Siemens Fixes CP1604, CP1616 Holes
  • Siemens has Upgrade for Intel AMT
  • Siemens Fixes Hole in SIMATIC S7-300 CPU
  • Siemens has Licensing Software Fix for SICAM 230
  • Siemens Fixes Ethernet Communication Module, Relays
  • OSIsoft has Update for PI Vision Hole
  • First Responders Test Technology
  • Manufacturing Targeted in Hack Attack
  • Siemens Fixes SICAM A8000 RTU Series Hole
  • Read More

Chemical Safety Incidents

White Papers

  • A Year in Vulnerabilities
  • A Year in Threats
  • Year in Hunting and Responding
  • Finding the Competitive Edge
  • Going Digital
  • Visibility Leads to Knowledge
  • Tips to SCADA Security
  • Insurance Dilemma: Infrastructure Attacks
  • Monitoring a Growing Network
  • Integrated Approach to Protecting ICS
  • Analytics through Network Monitoring
  • Gaining Visibility on Malware Attacks
  • The Wireless Edge
  • Benefits of Virtualization
  • Wireless Reshaping IT/OT Network
  • Virtualizing Network: Benefits, Challenges
  • Read More

Sending It Your Way

  • aeSolutions Security Blog
  • exida Explains
  • Joel Langill: SCADAhacker
  • [In] Security Culture
  • Eric Byres: Practical SCADA Security
  • Department of Homeland Security
  • Jim Cahill
  • Dale Peterson
  • Industrial Defender
  • Wurldtech
  • Read More

Unsecure Sites Hacked

Tuesday, July 7, 2015 @ 03:07 PM gHale

GhostShell published a list of compromised targets with each listing entry accompanied by links to four different public locations have a preview of the extracted data.

The goal of the database is not to cause harm to the victims, GhostShell said, but to draw attention to the sites’ non secure nature.

RELATED STORIES
Breaches Continue Upward Trend
Attackers Exploit Privileged Accounts
Cloud Breach: Cost 3 Times Higher
How Attackers Bypass Security: Report

GhostShell goes back as far as 2012. In March 2013, the organization said its activity would stop, but that did not last as on June 28, GhostShell’s Twitter account came back to life, publishing targets and links to dumped data.

“Time to bring to light the things that you’ve never been told in the media lately. How truly deplorable cybersecurity has become,” reads the second tweet after the comeback.

The list includes websites in the government and educational sector as well as retailers around the world.

All the entries ended up gathered in a single document available on Pastebin. The number of victims is 548, according to the data published on Pastebin. It is not clear when the breaches occurred.

GhostShell also made note of Dark Hacktivism, which is group is promoting. In the Dark Hacktivism piece they published, GhostShell shared information from their experience hacking various organizations.

The details refer to the physical and mental stress resulting from long hacking sessions and to psychological preparedness and building up online alter egos to protect the real identity.

Examples provided in the document aim at cybercriminals but also administrators. They reveal tactics a hacker may employ to continue an exfiltration process, hurdles encountered, ways to gather knowledge to determine if and how a target is vulnerable and inferring server layout from available hints.

GhostShell said some targets ended up hacked because they failed to implement the latest patches on the market.

GhostShell said in the case of the targets in the education sector, 9 out of 10 are vulnerable against basic forms of attack.

As of July 4, GhostShell posted on its Twitter account: “ALL bins have been deleted. If you haven’t seen the data yet don’t worry we’ll do a re-release next time on 100 file sharing sites.”



Leave a Reply

Click here to cancel reply.

You must be logged in to post a comment.

« 7 Injured in NE Petroleum Blast
Brothers Guilty in State Dept. Hack »

  • Home
  • Eguide: Overcoming the Industrial Cyber Security Skills Gap
  • Register
  • View Spotlight Article
  • News
  • Profile
  • Research
  • User Profile
  • Events
  • Login
  • Lost Password
  • Training & Certification
  • Transactions
  • White Papers
  • Membership Details
  • Subscribe Now
  • About Us
  • Membership Contents
  • Archive
  • Sitemap
  • Careers
  • Government
  • Incidents
  • Industry Voices
  • Products and Services
  • Sending it Your Way
  • Technology Update
  • Views
Policies
Copyright © 2019 isssource.com