>b's weblog

News. Journal. Whatever.

Ausreden, Folge 2Die geheimen Kassen der Katholischen Kirche

So wie's aussieht, wurde das OpenSSL-Defacement über einen Angriff auf den Hypervisor gemacht

Website defacement: provisional details.
==========================================

Last updated: 1st January 2014

On Sun 29th December 2013 at around 1am GMT the home page
of www.openssl.org was defaced. We restored the home page
just after 3am GMT and started forensics, investigation,
and recovery.

Initial investigations show that the attack was made via
hypervisor through the hosting provider and not via any
vulnerability in the OS configuration.  Steps have been
taken to protect against this means of attack in future.

The source repositories have been checked and they were
not affected.  Other than the modification to the
index.html page no changes to the website had been made.

More details to follow.

(Quelle: OpenSSL.org)

Zurück zum Blogindex