[aklug] SANS info - Barracuda break-in

From: barsalou <barjunk@attglobal.net>
Date: Sat Apr 16 2011 - 08:39:26 AKDT

As a condition of use, they have asked us not to re-post this on a =20
website, but it can be passed along via e-mail. Sign up here:

https://portal.sans.org/login.php?yatf

No. I'm not going to keep posting these, but again, passed =20
conversation tells me that we either use these devices or are aware of =20
their use in local businesses.

The last one that I'm not going to post about is the Adobe Zero day =20
flaw for flash. A fix is supposed to have been released yesterday.

We live in interesting times! :)

Mike B.

  --Barracuda Suffers Network Intrusion
(April 11 & 12, 2011)
An attacker broke into a database at Barracuda Networks and stole
information that was then posted to the Internet. The data appear to
include names and email addresses. The attack was launched on April 9
during a period when the firewall that was supposed to protect it had
been taken offline for maintenance. The attack was launched through an
SQL injection flaw.
http://news.cnet.com/8301-1009_3-20053125-83.html?tag=3Dmncol;title
http://www.computerworld.com/s/article/9215723/Hacker_breaks_into_Barracuda_=
Networks_database?taxonomyId=3D82
http://www.scmagazineus.com/barracuda-hack-highlights-importance-of-defense-=
in-depth/article/200690/
http://www.eweek.com/c/a/Security/Security-Firm-Barracuda-Networks-Embarrass=
ed-by-Hacker-Database-Breakin-729619/

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Sat Apr 16 08:39:33 2011

This archive was generated by hypermail 2.1.8 : Sat Apr 16 2011 - 08:39:33 AKDT