in ,

Unpatched US government website gets pwned by pro-Iran script kiddie, Ars Technica

Unpatched US government website gets pwned by pro-Iran script kiddie, Ars Technica


      Feel the fury –

             

Federal Deposit Library Program’s server unpatched since (****************************************************.

      

      

**************   

           

      

            

                                  

                                                                    The defaced Federal Deposit Library Program website as it appeared on January 5.                                                                                  

                                        

                                                                    The Federal Deposit Library Program’s home page as it appeared in November.                                                                      

                    

                                        
                                                                    IRAN-CYBER’s scoreboard on Zone-H.                                                                  )   

        On the heels of the killing of Iranian Revolutionary Guard Corps General Qassem Soleimani by a US MQ-9 Reaper strike on January 2 , the US Department of Homeland Security warned of potential cyberattacks against critical infrastructure by Iran. That warning probably did not apply to the website of the Federal Deposit Library Program, operated by the US Government Printing Office — which was defaced on January 4 with a pro-Iranian message and an image of a bloodied President Donald Trump being punched by an Iranian fist.

        The FDLP website is no stranger to defacement attacks. As abrief analysis of the attackby a security researcher with the Twitter username @sshell_ noted, the site has been defaced twice in the last 13 years –most recently in 2014, when it was replaced with an electronic dance music video featuring a dancing cat. Based on a fingerprint of the site’s files, the site — based on theJoomla content management system– had not had its code updated since 2019. And the site had modules that used a version of Joomla’s RSForm that had been flagged (months ago) *********************************** as being vulnerable to a SQL Injection attack.While the image depicting Trump had no metadata attached to it, another image with text had Exchangeable Image File Format (EXIF) data indicating it had been created with Adobe Photoshop CS 6 for Windows in (******************************************************. As sshell_ noted, the image was used in a defacement reported to the “cybercrime archive” Zone-H by a user identifying themselves as IRAN-CYBER on December 2,Zone-H offers a sort of scoreboard for defacement hackers, allowing them to report their deeds anonymously. IRAN-CYBER has reported 2, defacements dating back to – most of them opportunistic attacks on poorly protected sites.

        The FDLP site defacement was reported widely by mediatying it to the threats of retaliation by Iran. The DHS ‘Cybersecurity and Infrastructure Security Agency (CISA) was forced to respond to reports, with a spokesperson noting that “there is no confirmation that this was the action of Iranian state-sponsored actors.”

                                                            ********************************************************************* (Read More) ************************************* (****************************************

What do you think?

Leave a Reply

Your email address will not be published. Required fields are marked *

GIPHY App Key not set. Please check settings

Fisker shows off its new $ 37,499 electric crossover, due in 2022, Ars Technica

Fisker shows off its new $ 37,499 electric crossover, due in 2022, Ars Technica

IBM tracks coffee from bean to cup with new app