Just Another Hack

by Monica G
It is very common to see or hear about hackers finding new ‘vulnerabilities’ within huge corporations, therefore it is safe to say that this is just another one. Some exploit code was discovered that affected Microsoft’s ASP.NET web development platform, it was called CVE-2011-3414. This type of code apparently allows for all CPU resources to be taken from a single server, which causes for performance to be compromised to the point of denial of service. A hacker by the name of HybrisDisaster published the code online, signing “We are Legion. Expect Us.” The signature caused more public attention because those words belong to a anonymous hacktivist group. They usually use this type of attack to support their activities, which they claim is legitimate.

This article talks about ASP.NET, in regards to attacks. This type of attack occurs on the server side, which makes the attacks that much more powerful. It is not to assume that attacks at any level are not severe and should not be taken seriously, any type of action like this should be taken seriously.

As was stated before, we hear about attacks every single day, it has become a part of life, which is why it is essential that we stay updated with our technology. If everyone does their part, including huge companies like Microsoft, there would not be such a problem. People need to learn to keep their plug-ins updated.

Citation: Constantin, L. (2012, January 10). Attack Code Published for Serious ASP.NET DoS Vulnerability. Retrieved February 19, 2012, from PCWorld: http://www.pcworld.com/businesscenter/article/247731/attack_code_published_for_serious_aspnet_dos_vulnerability.html

 

7 thoughts on “Just Another Hack”

  1. Nothing is hack proof, given time anything can be hacked, there is always a way in. Though there are preventive measures that can be used to slow these things down. Upgrading your plug-ins is one of them.

  2. Agreeing with Steve Ore, there is always a way in to a system. Hacking can include other means and it is not solely restricted to computer hacking. You can also hack through communication calling yourself someone you are not and making a sound claim to get access to any type of information. Bottom line is, it's up to the company's discretion to deter any form of hacking, and clear up any vulnerabilities.

  3. Of course both of these gentlemen are completely correct in that anything can be hacked. Of course, companies can greatly reduce their risk of exposure by securing their applications and hardware (the physical security has to be considered as well) and by training their employees. The most secure box my team has is our root certificate authority server. Because it is rarely needed, it has been powered off and is stored in a large safe in a remote location.

  4. Some said "anything made by human can be definitely broken by human". It is just matter of time and the worthiness. If you harden your site by upgrading your framework, it will take hackers longer time to hit it to the point they just leave your site alone because it is not worth to do so. But never let your guard down is never an old advice.

  5. Some said “anything made by human can be definitely broken by human”. It is just matter of time and the worthiness. If you harden your site by upgrading your framework, it will take hackers longer time to hit it to the point they just leave your site alone because it is not worth to do so. But never let your guard down is never an old advice.

  6. I did hear about this in the news, and I agree that there are many different ways of hacking. Like Steve said, upgrading plug-ins and keeping yourself updated can help prevent hackers.

  7. No system that exists today is hack proof. Its just a matter of time and patience that it would take someone to break into a system.

Comments are closed.