Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Web security breach changes the lives of 119 people

from [Kim Dyer] Network Security [Permanent Link]
Subject: RE: Web security breach changes the lives of 119 people
Date: Thu, 10 Mar 2005 07:19:28 -0500 


Chances are that nobody at Harvard Business School or ApplyYourself Inc. 
bothered to contemplate the most obvious scenario: that somebody other 
than the 119 accused, or their friends and family, was responsible for 
the majority of (or all of) the attempts to access application records.


Actually, every report I've heard on this incident says that they 
Specifically DID consider that.


What information of a personal nature would have been required in order 
to access the pending application? 


Passwords and or PINs from what I've been reading.


Perhaps it 
was possible to browse any one of the pending applications once one had 
penetrated the ApplyYourself Inc. security perimeter.


The reports I've seen said that you could only see the one application if
you saw anything.  I guess the majority just got a blank screen.


This is more likely than is the scenario as it has been depicted.


You don't think it likely people would want to sneak a peek if they thought
they could?  That's pretty much just human nature.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Web security breach changes the lives of 119 people, Griffiths, Ian
Next by Date:  Re: PHP Directory Transversal, Richard Moore
Previous by Thread:  Re: Web security breach changes the lives of 119 people, Jason Coombs
Next by Thread:  RE: Web security breach changes the lives of 119 people, Altheide, Cory B. (IARC)
Indexes:  [Date] [Thread] [Top] [All Lists]