Comments on: Congressional Web Site Defacements Follow the State of the Union

By: Dcsc govhttp | UsDatingAcademy

Dcsc govhttp | UsDatingAcademy — Mon, 07 Mar 2011 08:05:28 +0000

[...] Praetorian Prefect | Congressional Web Site Defacements Follow theShortly after President Obama’s State of the Union address, constituents visiting the web sites of Congressional representatives like Charles Gonzalez (20th District of Texas), … All of the sites affected are in the house.gov domain, but not every … The sites were defaced to simply show the following line of text… Filed in Uncategorized « Dessa birdsall [...]

By: Congressman Steny Hoyer Twitter impersonation attack | ITtalker.COM

Congressman Steny Hoyer Twitter impersonation attack | ITtalker.COM — Wed, 26 Jan 2011 09:00:31 +0000

[...] timing of the attack is reminiscent of last year’s mass defacement of congressional web sites following the State of the Union address by the Brazilian defacement team the Red Eye [...]

By: Congressman Steny Hoyer Twitter impersonation attack | ZDNet

Congressman Steny Hoyer Twitter impersonation attack | ZDNet — Wed, 26 Jan 2011 06:59:11 +0000

[...] timing of the attack is reminiscent of last year’s mass defacement of congressional web sites following the State of the Union address by the Brazilian defacement team the Red Eye [...]

By: routeraccess

routeraccess — Fri, 19 Nov 2010 00:22:08 +0000

@infosec pro – curious, both websites list the EXACT same employees on their about us pages, have the same site look and feel (down to the site navigation/font choice for logos), and link to the same “client login” page at https://thewdg.basecamphq.com/login.

GovTrends “about” page: http://webcache.googleusercontent.com/search?q=cache:7fXLO2uwPF0J:switch2govtrends.com/about/+http://switch2govtrends.com/about/&cd=1&hl=en&ct=clnk&gl=us&client=firefox-a

WDG’s “about us” page

http://webcache.googleusercontent.com/search?q=cache:iwaddRf1PBIJ:webdevelopmentgroup.com/about-web-development-group/+http://webdevelopmentgroup.com/about-web-development-group/&cd=1&hl=en&ct=clnk&gl=us&client=firefox-a

As is apparently prudent for them, each company is either incorporated separately or otherwise delineated as a separate entity for the sake of House and Senate contracts, but the management, employees, and general corporate attitudes appear to be exactly the same per the above publicly available information.

Unfortunately I do know what I am talking about; even more unfortunate for you personally is that your diction and cadence give away your identity, buddy.

By: Bob Smith

Bob Smith — Tue, 02 Feb 2010 01:25:05 +0000

i can shed some light on the debacle. i used to work for said company side-by-side with their former frontend developer who built those exact sites that were hacked. i heard him stress time and time again that they needed to be updated to no avail due to the owner, who wasn't the brightest bulb in the bunch and knew nothing about joomla. i left before the frontend dev decided to leave in 2009 due to a breach of contract by the owner and the frontend dev. that's only the tip of the iceberg for the incompetence and arrogance of the company and its owner. so, yes, the company is clearly in the wrong here and shouldn't be allowed in the house imo.

regarding okomo: it isn't even a cms. it's just a ‘really’ basic platform built on django masquerading as a cms, but definitely not a cms as the company states.

while, yes, i think a response is necessary on joomla's part, this company deserves no help whatsoever from the joomla community when they're not willing to accept it. it's a shame that such companies are allowed to represent joomla to the federal govt when so many people dedicate their time to the project. i can only hope the house blocks them from doing business there and that they learn a valuable lesson.

joomla should write a response and perform some positive pr to recoup what this company cost their brand.

By: InfoSec Daily » Episode 58 – Hiding in the Noise

InfoSec Daily » Episode 58 – Hiding in the Noise — Mon, 01 Feb 2010 23:19:31 +0000

[...] researchers at Praetorian Security Group, a managed security services and consultancy, wrote in a blog post Thursday. News item 7: [...]

By: The TechList: 30.Jan.2010

The TechList: 30.Jan.2010 — Sat, 30 Jan 2010 16:01:59 +0000

[...] US Congress. Sites defaced by Brazilian hackers. See what happens when you let a non-American socialist take supreme [...]

By: Prefect

Prefect — Fri, 29 Jan 2010 20:10:44 +0000

Thanks!

By: InfoSec Pro

InfoSec Pro — Fri, 29 Jan 2010 18:47:31 +0000

@routeraccess - totally wrong, GovTrends != "Website Development Group in the Senate"

Senate and House are totally separate, and GovTrends is a corporate (private-sector) contractor offering services to the House membership.

If you don't know what you are talking about, don't post!

By: Elin Waring

Elin Waring — Fri, 29 Jan 2010 15:56:47 +0000

What the defaced sites all had in common is that they were operated by the same vendor and all were using software versions that are at least 6 months behind the current releases and some that is so old that it is no longer receiving support. No sites with vendors other than Gov Trends were impacted because those sites had up to date software. It is imperative that people managing websites keep their software up to date since new releases almost always include security improvements.

This is not something that happened because of doing an update; it happened because of NOT doing updates on a routine basis therefore allowing criminals to exploit known vulnerabilities.

By: Portuguese speaker

Portuguese speaker — Fri, 29 Jan 2010 14:39:43 +0000

Actually, the worlds "O RESTO E HACKER" should probably be read as "O resto É hacker" (an "e" with an accent mark). That's a colloquial form of saying "The rest are hackers".

They are probably bragging about that defacement as making them the only real "crackers", while "the rest" [the ones who can't crack a website of such importance] are mere "hackers"

By: Congressional Web Site Defacements Follow the State of the Union « All Things MadTek

Fri, 29 Jan 2010 14:00:52 +0000

[...] Congressional Web Site Defacements Follow the State of the Union. [...]

By: Alberto Bartoli

Alberto Bartoli — Fri, 29 Jan 2010 10:19:45 +0000

I am trying to have a more detailed idea about how long the defacements have been in place (for research purposes). Any idea about that ? The news states from “shortly after the President State of the Union address” and “at 4 AM” they were still in place. Perhaps somebody might have more details…

By: Congressional Web sites hacked near Obama speech « Kotak Infotech

Congressional Web sites hacked near Obama speech « Kotak Infotech — Fri, 29 Jan 2010 07:33:57 +0000

[...] the attacks have been recorded by Zone-H, a Web site that keep tracks of defacements, according to the blog of the Praetorian Security Group. The latest attacks had not been listed by Zone-H [...]

By: Prefect

Prefect — Fri, 29 Jan 2010 00:41:22 +0000

Reasonable minds think alike ;)