I’m not going to spoil this, at least not too much. But Motherboard has managed to speak to the so called “Impact Team” via e-mail. And they’ve in short said that Ashley Madison did not really try too hard to secure their site and that they were there for extended periods of time gathering info. In terms of the former, I’ll use this example:
MOTHERBOARD: How did you hack Avid Life Media? Was it hard?
The Impact Team: We worked hard to make fully undetectable attack, then got in and found nothing to bypass.
What was their security like?
Bad. Nobody was watching. No security. Only thing was segmented network. You could use Pass1234 from the internet to VPN to root on all servers.
That’s not just bad, that’s just pathetic. It’s as if Ashely Madison wanted to get pwned. Either that, or they didn’t care about IT security and only cared about the money. That should make that class action lawsuit really easy to win. I encourage you to read the entire interview because if it’s true, and I’m of the opinion that it likely is, then Ashely Madison and those who own the site deserve everything they get.
Like this:
Like Loading...
Related
This entry was posted on August 21, 2015 at 10:22 pm and is filed under Commentary. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Impact Team Speaks…. And What They Say Will Blow Your Mind
I’m not going to spoil this, at least not too much. But Motherboard has managed to speak to the so called “Impact Team” via e-mail. And they’ve in short said that Ashley Madison did not really try too hard to secure their site and that they were there for extended periods of time gathering info. In terms of the former, I’ll use this example:
MOTHERBOARD: How did you hack Avid Life Media? Was it hard?
The Impact Team: We worked hard to make fully undetectable attack, then got in and found nothing to bypass.
What was their security like?
Bad. Nobody was watching. No security. Only thing was segmented network. You could use Pass1234 from the internet to VPN to root on all servers.
That’s not just bad, that’s just pathetic. It’s as if Ashely Madison wanted to get pwned. Either that, or they didn’t care about IT security and only cared about the money. That should make that class action lawsuit really easy to win. I encourage you to read the entire interview because if it’s true, and I’m of the opinion that it likely is, then Ashely Madison and those who own the site deserve everything they get.
Share this:
Like this:
Related
This entry was posted on August 21, 2015 at 10:22 pm and is filed under Commentary. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.