[OWASP-Bangalore] [Owasp-delhi] Appin-Online, Ethical Hacking Training Company, Hacked! Wall of Shame!

Niranjan Patil niranjan.patil at gmail.com
Thu Sep 9 00:39:31 EDT 2010


There is nothing to be surprised here. With not much control of the hosting
environment and shared hosting servers, these days one should be prepared
with such things whether it is a security consulting/training company or
a non-IT business line. There were many such cases including one where an
independent security researcher's website was hacked just before he was to
deliver a security talk at a conference, (I am not able to get that news
article at this time, some one could help). He gracefully accepted and
shared it in the conference.

What is expected from this firm but not showed is a professional approach to
the incident. They seem to have quickly recovered but no indication
of openness in declaring the defacement incident or accepting the risks
faced. A classic case of incident handling and analysis with true spirit of
openness is of the Apache XSS hack.

https://blogs.apache.org/infra/entry/apache_org_04_09_2010

Regards,
Niranjan Patil, CISSP
Information Security Consultant
Blog <http://www.outscribe.org> | Twitter <http://www.twitter.com/outscribe>
 | LinkedIn <http://www.linkedin.com/in/niranjanpatil>




On Wed, Sep 8, 2010 at 2:16 AM, Soi, Dhruv <dhruv.soi at owasp.org> wrote:

>  Atleast they have got good incident response, below screenshot suggests
> so:
>
>
>
>
>
> *From:* owasp-delhi-bounces at lists.owasp.org [mailto:
> owasp-delhi-bounces at lists.owasp.org] *On Behalf Of *Soi, Dhruv
> *Sent:* 08 September 2010 02:09
> *To:* owasp-delhi at lists.owasp.org; owasp-mumbai at lists.owasp.org;
> owasp-bangalore at lists.owasp.org; owasp-pune at lists.owasp.org;
> owasp-kolkata at lists.owasp.org; owasp-kerala at lists.owasp.org;
> owasp-hyderabad at lists.owasp.org; owasp-chennai at lists.owasp.org;
> owasp-ahmedabad at lists.owasp.org
> *Subject:* [Owasp-delhi] Appin-Online, Ethical Hacking Training Company,
> Hacked! Wall of Shame!
>
>
>
> Strange, yet interesting to know!
>
>
>
> -----Original Message-----
> From: hackers [mailto:h4ck3r4u at fastmail.fm]
> Sent: 08 September 2010 01:34
> To: dhruv.soi at owasp.org
> Subject: Your Country is really Incredible
>
>
>
>
>
> How u Guyz can be like This  ????
>
>
>
> Screen looks like this:
>
>
>
> Fetch it from these fuckin’ sites, if the masters restore:
>
> http://www.cyber-mirror.org/Mirror/152966/appinonline.com/
>
> http://www.legend-h.org/mirror/152438/appinonline.com/
>
>
>
>
>
> Available via proxy (Zone-H blocks Indian IPS)
>
> http://zone-h.org/mirror/id/11366382
>
>
>
> http://img826.imageshack.us/img826/3965/aap.png
>
>
>
> main site
>
>
>
> http://www.appinonline.com/
>
>
>
>
>
>
>
> Enjoy :)
>
>
>
>
>
> --
>
>   h4ck3r
>
>
>
>
>
> --
>
> http://www.fastmail.fm - Send your email first class
>
> _______________________________________________
> OWASP-Bangalore mailing list
> OWASP-Bangalore at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-bangalore
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-bangalore/attachments/20100909/bb1a63d0/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 16878 bytes
Desc: not available
Url : https://lists.owasp.org/pipermail/owasp-bangalore/attachments/20100909/bb1a63d0/attachment-0002.jpe 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 28968 bytes
Desc: not available
Url : https://lists.owasp.org/pipermail/owasp-bangalore/attachments/20100909/bb1a63d0/attachment-0003.jpe 


More information about the OWASP-Bangalore mailing list