Major Hole in RIAA Site Exposed

Printable View

September 21st, 2002, 01:08 AM
Tedob1

Major Hole in RIAA Site Exposed

Major Hole in RIAA Site Exposed

http://www.internetnews.com/dev-news...le.php/1467201

A security site that is well-known in the hacker community on Friday exposed a critical error that opened the Recording Industry Association of America's (RIAA) Web site to attacks.

The major security breach occurred after the RIAA's web administrators failed to secure a portion of the site to remote access, opening the door to anyone who wanted to deface the site or upload pirated music files.

The breach in security ironically comes after the RIAA.org Web site was the victim of a major defacement a couple weeks ago.

According to a spokesperson for the RIAA, network administrators are looking into the problem in order to close the breach. The vulnerability has now been password-protected.

"It was an oversight that has now been corrected," the spokesperson said, but wouldn't elaborate on what controls were being implemented to avoid future problems.

"It's amazing the site hasn't been defaced already," said Roberto

*************************************

Everybody thought it was a trap!
September 21st, 2002, 02:43 AM
alittlebitnumb

Quote:

Everybody thought it was a trap!

With a hole that obvious, I agree totally. It's like it saying, "c'mon in!!!" That's really something! Also, if the current problem is passoword protected for now, I really hope they get some real admins to fix the hole where it's not just a band-aid, because a determined cracker can start brute forcing. It's scary.

Thanks for the read.

regards
September 21st, 2002, 03:26 AM
th3>kLuTz

and, if another black hat defaces their site again *smirk*, then they are just hardening the case that the RIAA is trying to make.... I say, everyone let the P2P stuff die for a while till the RIAA blows off their steam and then forgets about all of the file sharing.

BTW, this is my 100th post wooohooo!