As Mitnick Knows, Security Not Always in Your Control

by FireHost Evangelist on June 30th, 2009No Comments

Kevin Mitnick, the most well known hacker of the 1990’s had his personal and business websites compromised and defaced recently, and if you query Mitnick’s domain today, you still see remnants of the hack. Words like:mitnickHacked2

$ whois mitnicksecurity.com

MITNICKSECURITY.COM.HACKED.BY.NERD.FROM.WEB-HACK.COM
MITNICKSECURITY.COM

In a phone conversation today, Mitnick disclosed to FireHost’s Chief Security Officer, Greg Martin, that he was using secure hosting practices on his site, but the hackers got to his website through his hosting company’s DNS provider. They compromised the control panel for his domain names and redirected his site to a defaced version.

Greg Martin responded to the event, “DNS security has been a hot button since last summer’s poisoning attack discovered by Dan Kaminsky. Mitnick’s attack was much more straight forward, and this is an example of why we don’t rely on third party providers to secure our customers. By maintaining the infrastructure in-house, we can help ensure the integrity and security of our customers’ web sites.”

Greg reached out to Lance James, CTO of Secure Science and author of Phishing Exposed for a comment on how he recommends protecting website from a similar attack. Lance says part of the answer is partnering with a secure web host that can provide protection from DNS vulnerabilities.

“Control Panel software has a history of successful attacks, and it is not surprising that a high-profile site such as mitnicksecurity.com is susceptible to vulnerabilities. His site is a natural target, and unfortunately, it can be extremely embarrassing when an expert in security chooses a hosting provider with such vulnerabilities,” Lance James.

Security Investments Top IT Budgets

by FireHost Evangelist on June 30th, 2009No Comments

How Self-Healing Servers Help Protect Your Website

by FireHost Evangelist on June 26th, 2009No Comments

Nine-Ball Mass Injection Attack has Compromised 40,000 Websites to Date

by FireHost Evangelist on June 23rd, 2009No Comments

Drupal Open Source Popularity on the Rise

by FireHost Evangelist on June 19th, 20091 Comment

Journalist Turns Hacker in Under One Hour

by FireHost Evangelist on June 16th, 2009No Comments

ATM Malware Helps Hackers Target Banks

by FireHost Evangelist on June 12th, 2009No Comments

Exclusive Interview with StrongWebmail’s $10,000 Hacker

by FireHost Evangelist on June 9th, 2009No Comments

FTC Shuts Down Web Hosting Firm

by FireHost Evangelist on June 9th, 2009No Comments

The Nuisance and Threat of Cross-Site Scripting (XSS)

by FireHost Evangelist on June 5th, 2009No Comments

© Copyright 2009 FireHost Inc.