Sony and the Apache versions

Everybody heard was happened to Sony. They got hacked… twice, 100 million user account were compromised, Wired release a chat Log showing show the credit card owners from Sony will lose all they money(http://www.wired.com/threatlevel/2011/05/carders/).

One of the cause why this has possible was because Sony was running an obsoleted version of Apache Web server on their mainframe and they were not using any firewall at all. Now.. is it just me or this seems a very, very, very bad idea even when you a simple HTML site for a third world country company? And the second question that pops into my head: after being hacker the first time, wouldn’t it be a good idea to run a “apt-get dist-upgrade”, even with the risk of 1 day of downtime?(worst case scenario).

At least, they were encrypting the information regarding the credit card accounts. But with what benefit if they forgot to lock the front door?

Resources:
Link

Advertisements

About Stefan Fodor

inscriptie pe un mormant
This entry was posted in IT Security, Week 18. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s