US uni warned, then hacked

Powered by SC Magazine
 

Hacker warned of multiple cross site scripting vulnerabilities on uni site.

A frustrated hacker has defaced the web site of the University of Vermont after multiple cross site scripting (XSS) vulnerability disclosures allegedly went ignored.

The hacker Codeine said the university was advised of XSS holes exactly one month ago but failed to patch the holes despite allegedly claiming to be doing so soon after the disclosure.

The disclosure was posted on PacketStorm.org.

The defacement read: "Is this how you all defend the privacy of your employees and students? Even after a month of being alerted of the multiple vulnerabilities, you take no action?"

Codeine claimed not to be a student of the university.

 

 

Copyright © SC Magazine, Australia


 
 
 
Top Stories
The CISO’s dilemma: Do you trust your partner’s partner?
[Blog post] How far down the chain do you check?
 
Microsoft confirms Australian Azure launch
Available from next week.
 
NBN Co names first 140 FTTN sites
National trial extended.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  25%
 
Sourcing and strategy
  11%
 
IT infrastructure (servers, storage, networking)
  22%
 
End user computing (desktops, mobiles, apps)
  15%
 
Software development
  26%
TOTAL VOTES: 289

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  60%
 
No
  40%
TOTAL VOTES: 106

Vote