regina@cryptoid.com.br

Estamos em novo endereço. Encontre-nos lá!

Faça parte desse projeto você também!

Conteúdo

O objetivo desse Blog é apresentar essa fantástica e importante tecnologia, de forma simples, para que pessoas que não dominam aspectos técnicos também possam acompanhar a evolução da adoção da Certificação Digital e o universo que gira ao seu redor:

Certificado Digital para Assinatura e Sigilo, Certificado de Atributo, Carimbo do Tempo, Documentos Eletrônicos, Processos Eletrônicos, Nota Fical Eletrônica, TV Digital, Smart Card, Token, Assinador de Documento, Gerenciador de Identidades etc..

Este Blog publica matérias e artigos extraídos da mídia que expressam a opinião dos respectivos autores e artigos escritos por mim que expressam, exclusivamente, minha opinião pessoal sem vínculo a nenhuma organização.

Matérias organizadas por data de publicação

quarta-feira, 23 de julho de 2014

Quando os hackers brincam com a imprensa!



Há anos falo sobre o cuidado redobrado que empresas de comunicação precisam ter com seus sites.

Uma notícia plantada em um veículo de credibilidade ilibada, desencadeia instantaneamente a notícia e até que haja o desmentido e que circule muita coisa pode acontecer nesse meio tempo.

Se a notícia for econômica por exemplo pode repercutir na movimentação da bolsa de valores e dependendo da empresa envolvida na matéria isso pode repercutir a nível mundial. Gera prejuízo de muitos em detrimento de benefícios gerados a quem detinha a informação.

No caso do artigo a seguir, o que ocorreu com o The Wall Street Journal, segundo os hackers russos, foi apenas um alerta de falha de segurança.



Vice.com hacked, possibly The Wall Street Journal website too

When W0rm similarly hacked CNET, it told the tech news site that it was only looking to expose security flaws.

On Monday, a reported Russian hacker group known as W0rm tweeted, along with screenshots, that it had hacked popular news, arts and culture site Vice.com and The Wall Street Journal website, and would sell each stolen database for a Bitcoin.

A Vice.com spokesperson told SCMagazine.com on Tuesday that a recent security exploit was used to access a list of Vice.com CMS users. A CMS, or content management system, is an application often used by news groups to modify, publish and maintain content posted to a website.

The list of CMS users included email addresses and hashed passwords, which are unusable unless decrypted, the Vice.com spokesperson said, adding the vulnerability has since been patched and the passwords were reset as a precaution.

The screenshot posted by W0rm to Twitter was of the CMS user list; the website was not defaced and user accounts were not compromised, Vice.com said.

Dow Jones & Company, publisher of The Wall Street Journal, did not immediately respond to a SCMagazine.com request for comment. In a possibly unrelated instance, hackers recently compromised the Facebook account for the daily newspaper and posted a message falsely indicating that Air Force One had crashed.

On July 12, W0rm tweeted, along with screenshots, that it had hacked popular technology news and review site CNET and would sell a database of user information for a Bitcoin. CNET confirmed the attack two days later.

In a Twitter conversation, a W0rm representative told CNET it had stolen usernames, email addresses and encrypted passwords on more than a million users, but that its goals were only to bring attention to security holes, and the group did not intend to decrypt and sell the database.

The W0rm representative said the group exploited a vulnerability in CNET's Symfony PHP framework, a programming tool that helps developers create websites.

UPDATE: CNET had reported that W0rm is a group, but Andrew Komarov, CEO of IntelCrawler who investigated the attacks, told SCMagazine.com on Wednesday that W0rm is a single individual, also known as Rev0lver.