European Space Agency Suffers Security Breach, Confidential Information Disclosed 

by iClass - Tuesday, April 19, 2011
In the recent times, data breach incidents have become a common occurrence. In yet another data breach incident, an attacker successfully intruded into some of the FTP servers of the European Space Agency (ESA). The attacker was successful in extracting sensitive information and has allegedly published around 200 usernames and passwords on his blog site. The attacker has revealed information related to main server, root, database, admin, editor and FTP accounts. Some of the usernames, e-mail addresses and passwords are easily readable on the blog page of the attacker. The attacker has not revealed the method used to breach security and gain unauthorized access to the affected databases.

The affected FTP servers are used by researchers affiliated to partner organizations for exchanging information. Information security professionals are investigating the incident and the affected FTP servers have been taken offline. The attacker has identified himself as TinKode. TinKode was in the news for intruding into the website of British Royal Navy, MySQL.com. He was also behind attacks on some of National Aeronautical Space Administration's (NASA) websites, the U.S Army, Reuters and Kaspersky Portugal among others. The attack took place on the anniversary of Apollo 13 crew's safe return to earth following a failed moon mission. TinKode revealed details of 13 FTP accounts to match the number of the mission. TinKode has also provided a brief description of ESA on his blog site.

Leakage of user credentials may provide attacker with access to privileged user accounts, which may contain strategic information. Revelation of such sensitive information may pose threat to national security. Attackers may also modify and delete information contained in the databases. Websites must be regularly tested for vulnerabilities and security lapses. Professionals qualified in IT degree programs, secured programming and penetration testing may help organizations in timely detection and mitigation of security weaknesses.

Attackers constantly scan and exploit vulnerabilities through sophisticated techniques. Websites are susceptible to SQL injection, cross-site scripting and distributed denial-of-service (DDoS) attacks. IT professionals must keep themselves abreast of latest developments in website security, modus operandi of attackers and threat prevention mechanisms through training sessions and online IT degree programs.

Users must avoid common passwords on multiple websites as attackers having access to password for one account may easily gain access to other accounts of the user. Passwords must be unique and must not contain personally identifiable information. Online IT courses, e-tutorials and adherence to security alerts may help users in understanding security threats and safe online computing practices.

Contact Press
EC-Council
Website: http://www.eccuni.us
Email: iclass@eccouncil.org
Tel: 505-341-3228

EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.

EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.

EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.

-

0    submitted by iClass -
Read More Press Releases

Pakistan Marks 68th Day of Independence By A Momentous Shine On Global Academic Forefronts—The Historic Launch Of IRT Research Model.

Press Release

Wackiest Pharma Conspiracy Debunked by Pakistani Arch-researcher Dr. Aurangzeb Hafi’s Polygonal Research.

The News--The Pharma-Media Alliance Never Wants The Public Know

Saahil Peerzaada - Turning good ideas into successful brands

Teen CEO Reality Show Founder > > LIVE on National Media – OC Talk Radio, July 1st, 2014

New Guide To Tone Abdominal Muscles Published Online

Bodybuilding Workouts Are For Everyone

Dukan Diet - A How To Lose Weight Fast Plan Fit For Royalty

Core Liquidity Markets Announces Affiliate Program

Get press releases by email