this is funny

When you have general news to share - put it HERE (If it's tech related please put in the tech news zone)

this is funny

Postby Harry » Fri Jun 05, 2009 4:28 pm

http://blogs.zdnet.com/security/?p=3514

A Webmail service that touts itself as hack-proof and offered $10,000 to anyone who could break into the CEO’s e-mail has lost the challenge.

A trio of hackers successfully compromised the e-mail using persistent cross-site scripting (XSS) vulnerability and are now claiming the bounty.


in relation to this challange:
http://www.strongwebmail.com/news/secur ... -password/
Drugs have taught an entire generation of kids the metric system..

TAZ's better half: http://www.theadminzone.com/
User avatar
Harry
Site Admin
 
Posts: 6784
Joined: Sat Feb 11, 2006 10:44 pm
Location: UK :-)

Re: this is funny

Postby rapier57 » Fri Jun 05, 2009 6:20 pm

That is funny! Put up a challenge, put a bunch of cash out as a reward, give the ID and password, and then not verify your side of things. Hacked by a persistent XSS. Actually, a social engineering approach in combination with the XSS.

Well, arrogance has its price.
Rapier57.

Jayne: Testing. Testing. Captain, can you hear me?
Mal: I'm standing right here.
Jayne: You're coming through good and loud.
Mal: 'Cause I'm standing right here.


@rapier57
User avatar
rapier57
I've posted HOW many
 
Posts: 3126
Joined: Thu Mar 02, 2006 10:43 pm
Location: Spokane, WA USA

Re: this is funny

Postby rapier57 » Fri Jun 05, 2009 9:53 pm

BUMP!

BTW, you should see Tom Liston's post referencing this on isc.sans.org (http://isc.sans.org/diary.html?storyid=6517) today.

Sorry for the double post, but I thought this should come back to the top.
Rapier57.

Jayne: Testing. Testing. Captain, can you hear me?
Mal: I'm standing right here.
Jayne: You're coming through good and loud.
Mal: 'Cause I'm standing right here.


@rapier57
User avatar
rapier57
I've posted HOW many
 
Posts: 3126
Joined: Thu Mar 02, 2006 10:43 pm
Location: Spokane, WA USA


Return to News Room

Who is online

Users browsing this forum: No registered users and 25 guests

cron