[ISN] RIAA wiped off the net

From: InfoSec News (alerts@private)
Date: Mon Jan 21 2008 - 22:11:07 PST


http://www.theregister.co.uk/2008/01/21/riaa_hacktivism/

By John Leyden
The Register
21st January 2008

A lack of security controls allowed hackers to "wipe" the Recording 
Industry Association of America's (RIAA) website on Sunday.

The existence of an SQL injection attack on the RIAA's site came to 
light via social network news site Reddit. Soon after hackers were 
making merry, turning the site into a blank slate, among other things.

The RIAA has restored RIAA.org, although whether it's any more secure 
than before remains open to question, TorrentFreak reports.

The RIAA's high-profile lawsuits against file sharers have made it a 
prime target for hack attacks, so its apparent failure to apply 
rudimentary security controls looks especially dumb even though, as with 
most such attacks, little damage was actually caused.

In other hacking news, the Church of Scientology's website reportedly 
came under attack last week, leaving it unavailable for parts of the 
weekend.

The attack was reportedly an act of hacktivism prompted by the 
organisation's attempts to pull a promotional video featuring 
Scientologist Tom Cruise from YouTube. YouTube pulled the clip, but the 
material has since resurfaced on Gawker.com.


___________________________________________________      
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn 



This archive was generated by hypermail 2.1.3 : Mon Jan 21 2008 - 22:31:30 PST