USuncutMN says: Tax the corporations! Tax the rich! Stop the cuts, fight for social justice for all. Standing in solidarity with http://www.usuncut.org/ and other Uncutters worldwide. FIGHT for a Foreclosure Moratorium! Foreclosure = homelessness. Resist the American Legislative Exchange Council, Grover Norquist and Citizen's United. #Austerity for the wheeler dealers, NOT the people.



We Are The 99% event

USuncutMN supports #occupyWallStreet, #occupyDC, the XL Pipeline resistance Yes, We, the People, are going to put democracy in all its forms up front and center. Open mic, diversity, nonviolent tactics .. Social media, economic democracy, repeal Citizen's United, single-payer healthcare, State Bank, Operation Feed the Homeless, anti-racism, homophobia, sexISM, war budgetting, lack of transparency, et al. Once we identify who we are and what we've lost, We can move forward.



Please sign and SHARE

Wednesday, August 17, 2011

Antisec hacks another Defense Contractor? « Il Blog di Paolo Passeri

Antisec hacks another Defense Contractor? « Il Blog di Paolo Passeri

The Antisec Typhoon seems unstoppable and has apparently hacked another Defense Contractor. Continuing their campaign against law enforcement agencies and related organizations, driven by the infamous hash #FFFriday, this time they have targeted Richard Garcia, the Senior Vice President of Vanguard Defense Industries (VDI). During the Breach nearly 4,713 emails and thousands of documents were stolen.

According to TechHerald, AntiSec targeted VDI’s website due to their relationship with several law enforcement agencies from Texas and other parts of the U.S., as well as their relationship with the FBI, the DHS, and U.S. Marshals Service. Moreover, with this hack Antisec (in)directly targeted FBI since Richard Garcia is the former Assistant Director in Charge of the FBI’s field office in Los Angeles. To those supporting AntiSec, this alone is reason enough to target VDI and release Garcia’s corporate email to the public.

As usual the attack had been anticipated by an enigmatic and threatening tweet:

The emails were taken after AntiSec breached VDI’s website, based on the popular WordPress platform. According to Antisec source, VDI had two outdated plugins installed on their website, which had its development outsourced to a local marketing company in Texas. Although the person from AntiSec did not disclose the exact method used to access Garcia’s email, he stated that the hack was performed through the VDI website, and that his password was rather weak.

VDI is the responsible for ShadowHawk, an unmanned helicopter that can be tasked with aerial surveillance or equipped for military usage. At its base, the ShadowHawk comes with CCD TV optics, or an upgraded version includes CCD TV optics and FLIR optics. A third version, for military or law enforcement usage only, can be equipped with a single or multiple shot 37 mm or 40mm grenade launcher, as well as a 12g shotgun, and thermal cameras.

The is only the last leak to Defense Contractor, scroll down the list for attacks targeting Defense Contractors in this very troubled year:

Date Author Description Organization Attack
Feb 5


HBGary Federal

Anonymous hacks HBGary Federal Web Site, copies tens of thousands of documents, posts tens of thousands of emails online and usurps CEO Aaron Baar’s Twitter Account.


?
Apr 6
?

L3 Communications

An E-mail dated April 6, sent to 5,000 employees of U.S. Defense Contractor L-3 warns of an attack attempt made with compromised SecureIDs. It is not clear if the attack was successful (it was revelead half a month later). This is in absolute the first attack perpetrated with RSA Seeds.


Compromised SecureID
May 21 ?

Lockheed Martin

This is the first known (and the only officially recognized so far) attack perpetrated with compromised SecureID seeds targeting a U.S. Defense Contractor. This Attack was detected before any sensitive information could be stolen. 100,000 accounts were locked as a precaution.


Compromised SecureID
May 26 ?

Northrop Grumman

Third U.S. Defense Contractor attacked using Compromised RSA Seeds. Attacked detected before any sensitive data was stolen.


SQLi?
Jun 3

InfraGard

As part of the FFFriday campaign, LulzSec steals 180 usernames, real names, hashed and plain text passwords, are acquired and posted publicily


N/A
Jul 8

IRC Federal

Anonymous attacks IRC Federal and dumps the content of the attack on a torrent available at The Pirate Bay. The dumped content include databases, private emails, contracts, development schematics, and internal documents for various government institutions.


SQLi?
July 11

Booz Hallen Hamilton

Anonymous attacks consulting firm Booz Allen Hamilton and releases details of internal data including 90,000 military emails and passwords. Estimated cost of the breach is around $5,400,000.00.


SQLi?
Jul 11 ?

Unknown Contractor

The Pentagon reveals to have suffered a breach of 24,000 documents in March, during a single intrusion believed to have been perpetrated by a Foreign Country. As a consequence of the Intrusion, a classified U.S. Military Weapon System will need to be redesigned after specs and plans were stolen during the breach.


?
Jul 28

Mantech International Corporation

Anonymous hacks Mantech International Corporation, another FBI Contractor, as a consolidated tradition on Friday, and releases details of internal data and documsnts.


?
Jul 29

U.S. Law Enforcement Institutions

As part of the Antisec operation and in retaliation for the raids and the arrest again alleged Anonymous and LulzSec members, Anonymous attacks 77 U.S. Law Enforcement Institutions, defacing and destroying their servers.


SQLi?
Aug 1

PCS ConsultantsAnother U.S. Government contractor, PCS Consultants gets hacked by Anonymous & Antisec. Hackers extract website Database and leak it on the internet via Twitter on Pastebin (as usual!). Leaked Data include Admin’s and 110 users emails, plus passwords in encrypted hashes.
?
Aug 16

Vanguard Defense Industries

Antisec targets Richard Garcia, the Senior Vice President of Vanguard Defense Industries (VDI). During the Breach nearly 4,713 emails and thousands of documents are stolen.


Vulnerability in WordPress Hosting Platform


No comments:

Post a Comment