Contributors

Jeremiah Grossman
(WhiteHat Security)

Ofer Shezaf
(Breach Security) [Project Leader]

The Web Hacking Incidents Database
Last update: 17 February 2008

List of Incidents for a Classification

Please note that classifications are a new feature and not all entries in WHID have been classified yet, so when you get a certain number of entries for a classification, WHID might hold more records matching that classification that we have not classified yet. We hope to complete the classification process soon.


List of incidents for which Vertical is Technology
7 incidents listed
WHID 2007-86: Mac Blogs defaced using XSS
Reported: 17 February 2008
Occurred: 23 November 2007

Classifications:

  • Attack Method: Cross Site Scripting (XSS)
  • Country: Global
  • Outcome: Defacement
  • Vertical: Technology

The standard disclaimer that we do not cover each and every defacement applies to this entry as well. So why do we include this defacement incident? First and foremost, it is known to be an XSS attack abusing a WordPress zero-day bug. Secondly, it is a targeted attack aiming to deface only Mac-related web sites. Usually targeted defacement attacks are carried out against political targets. Did attacking Apple become a political issue? Was Apple transformed into a nation overnight? Well, certainly into a cult.

References:

WHID 2008-07: Another Free MacWorld Platinum Pass? Yes in 2008!
Reported: 28 January 2008
Occurred: 14 January 2008

Classifications:

  • Attack Method: Brute Force
  • Country: USA
  • Outcome: Monetary Loss
  • Vertical: Technology

Kurt already got his free MacWorld pass last year (WHID 2007-14), but it seems that nothing changes from year to year and he was able to pull a similar trick this year. As the codes that allow customers to get the passes were hashed but stored in the client browser, Kurt was able to crack them.

References:

WHID 2007-38: Gentoo takes server offline due to security vulnerabilities
Reported: 30 August 2007
Occurred: 07 August 2007

Classifications:

  • Attack Method: SQL Injection
  • Attack Method: OS Commanding
  • Vertical: Technology

This gem is very interesting since it happened on Gentoo servers. It therefore combines the transparency into the incident that only an open source project can offer with the importance and resources of a large one. As a result we have a detailed report about the vulnerability, the exploit attempts and even people shouting at each other during the patching process. What can we learn from this? That no server is secure, and that patching is hard.

References:

WHID 2007-30: Microsoft UK site defaced
Reported: 01 July 2007
Occurred: 27 June 2007

Classifications:

  • Attack Method: SQL Injection
  • Country: UK
  • Outcome: Defacement
  • Vertical: Technology

Yet another defacement, but with a very high profile target, and a detailed description of the attack which took advantage of an SQL injection vulnerability. The report even includes a video recording of the attack.

References:

WHID 2007-18: Microsoft.com defaced
Reported: 06 May 2007
Occurred: 03 May 2005

Classifications:

  • Attack Method: SQL Injection
  • Country: USA
  • Origin: Saudi Arabia
  • Outcome: Defacement
  • Vertical: Technology

This incredible story from our friends at Zone-H sheds light on one of those defacement attacks which usually go unexplained. This time an infamous Saudi-Arabian hacker abused an SQL injection vulnerability in the Internet Explorer Administration Kit web site. And guess what type of SQL injection: a login-form SQL injection!

References:

WHID 2007-14: Your Free MacWorld Expo Platinum Pass
Reported: 02 April 2007
Occurred: 11 January 2007

Classifications:

  • Attack Method: Credential/Session Prediction
  • Country: USA
  • Outcome: Loss of Sales
  • Vertical: Technology

A priority code, used to get a free platinum pass to MacWorld Expo, was validated on the client and enabled anyone to get the pass for free. While "grutz" informed the organizers about it, when they went over their log files they found out that others had abused the vulnerability without telling anyone about it.

References:

WHID 2007-11: Nokia defaced by XSS
Reported: 30 March 2007
Occurred: 29 January 2007

Classifications:

  • Attack Method: Cross Site Scripting (XSS)
  • Country: Canada
  • Outcome: Defacement
  • Vertical: Technology

Nokia's Canadian Web Site was defaced using an XSS attack.

References:

This work is licensed under the Creative Commons Attribution License. To view a copy of this license, visit http://creativecommons.org/licenses/by/2.5/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA.

© Copyright 2005, Web Application Security Consortium. All rights reserved.