Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

From the mailbag: Sympatico hacked, TCP dead, SHA-1 out, Belarus DoS

Published: 2009-06-12
Last Updated: 2011-01-24 23:51:49 UTC
by Adrien de Beaupre (Version: 1)
2 comment(s)

In other news this week...

Sympatico may have been hacked, TCP might be dead, SHA-1 may be on its way out, and political hacktivism.

A major ISP in Canada, Sympatico, appears to have had a breach of their web site according to Websense, malicious code appeared to have been inserted briefly. More info is here http://securitylabs.websense.com/content/Alerts/3416.aspx

A major issue with the TCP protocol implementation may lead to Denial of Service (DoS) to virtually any web site. Reported in Phrack issue 66.

The SHA-1 hashing algorithm is showing its age, researchers may be on their way to creating practical collisions. The paper is found here. http://eprint.iacr.org/2009/259.pdf

Arbor reports that Denial of Service attacks have been ongoing against a Belarus news site. The article is here. http://asert.arbornetworks.com/2009/06/ddos-floods-in-belarus-political-motivations/

Cheers,
Adrien de Beaupré
Intru-shun.ca Inc.

Keywords:
2 comment(s)
Diary Archives