FBI: Massive MS Exploits Over Last Year 290
Wanker writes "An Eastern European hacker group has spent the last year systematically exploiting known bugs in IIS to steal customer and credit card info. Read about it at the
SANS security site."
Says SANS, "The FBI and Secret Service are taking the unprecedented step of releasing detailed forensic information from ongoing investigations" of the IIS, MS SQL Server and Windows NT breakins. We don't normally post news about exploits, but the scale here is massive: more than a million credit cards have been taken in a blackmail-extortion operation that has been going on for a year. Speculation is welcome as to why NT sysadmins don't install service packs for known vulnerabilities...
Update: 03/09 03:37 AM GMT by J : Microsoft says,
Don't Be A Victim!.
If you are an NT admin or know someone who is, note especially:
"Within a day or two, the Center for Internet Security will release a small tool that you can use to check your systems for the vulnerabilities and also to look for files the FBI has found present on many compromised systems...
"The Center's tools are normally available only to members, but because of the importance of this problem, the Center agreed to make the new tool, built for the Center by Steve Gibson of Gibson Research) available to all who need it."
FBI: Massive MS Exploits Over Last Year More Login
FBI: Massive MS Exploits Over Last Year
Related Links Top of the: day, week, month.
Slashdot Top Deals