Comcast servers compromised by similar attackers as Bell Canada

Hacker group NullCrew claims to have broken into Comcast’s servers today, exploiting a vulnerability reported in December 2013, but not patched.Over the weekend of 01 February 2014 the hacker group also claimed credit for performing a SQL injection attack against telecom supplier Bell Canada.

Bell170They were able to access account login and password information for more than 22,000 little industry customers of Bell’s internet service.The attackers allegedly contacted Bell client support two weeks before the disclosure.

The client service representative clearly didn’t understand the gravity, nor did they escalate to someone who did.

From what we can tell the similar thing happened when NullCrew hacked Comcast.It appears that Comcast, the largest internet service provider in the United States, uses Zimbra as an inside communications platform.

NullCrew exploited an unpatched safety vulnerability to gain access to usernames, passwords and other responsive details from Comcast’s location.They posted the purloined data on pastebin and taunted the industry on Twitter.

Sometimes it appears there is nothing we can do to protect ourselves, but in this case I think there is a valuable lesson.NBCComcast170The vulnerability exploited by the attackers was disclosed and set in December 2013. While that isn’t forever ago, it is enough time that it could have been remedied.

None of us can assume that it will take time, particularly 60 days, for criminals to determine they can take benefit of flaws in our programs.We may have had the luxury of waiting 30 or even 120 days in the past, but today we must continue an accurate and up to date inventory of all software that is deployed and patch it immediately.

Visit at : http://www.nigerianspam.com/

 

This entry was posted in Hackers and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Nigerianspam.com is dedicated to all the hardworking people who have been scammed by the spammer or 419 scam frauds. Although our site concentrates on providing awareness of Nigerian 419 spam (scam), scam baiting, advance fee fraud, scam phising, also we deal with other types of fraud such as letter spam, e-mail scam, lottery spam as well. You can go through our scam baiting tips, it is just amazing way to deal with the spammer or scammer.

Nigerian Scam  |   419 Scam   |   Features of Scam  |   Mission  |   Research  |   Mail Archives  |   About Us   |   File A Complaint  |   Spam News  |   Origin Of Scam   |   Operation Of Scam   |   Consequences   |   Miscellaneous Scams   |   Scam Sites   |   FAQ   |   Contact Us  |   Scam Resources Links  |   Nigerian Scammers  |   Site Map  |   Mail Archives SiteMap  |   Scam Glossary  |   Scam Resources Books  |   Scam Checker Tool  |   Scam baiting   |   More Scam Sites  |  Scam Awareness Quiz  |   Celebrity Scam  |  Search Engine Genie  |   Bharat Udyog Ratna Award Scam Alert  |   Jeff Adams Real Estate Seminar   |   Russ Whitney Real Estate
free hit counter