Syrian Government Hacked

@CyberJusticeT

A mystery hacking group calling itself Cyber Justice Team claims to have hacked Linux server belonging to the Syrian regulatory commission for IT services, the Syrian National Agency for Network Services.

The group has uploaded the files to the MEGA file hosting service and announced the data hack on PasteBin and also published the password of the breached server.
Is it a fresh dump?

According to security experts from Risk Based Security (RBS) who analyzed the archive most of the leaked information comes from past data breaches.

“The first pass at reviewing the data sparked a sense of some more Deja vu, as many of the files appeared to include domains from previous, smaller defacements and leaks,” states a blog post published by RBS. “Further analysis confirmed our initial suspicions.”

The data dump contains 38,768 folders, it includes 274,477 files from 55 different website domains, belonging to government agencies and private companies.

The vast majority of files in the data dump were default Plesk files, Joomla!, and Cportal (phpnuke-cms) setups. The attackers may have exploited known vulnerabilities in outdated software.

“That said, our analysis shows the data appears to originate from nans.gov.sy, the Nation Agency for Network Services, and contains data from 55 Syrian domains, 25 of which being.gov.sy: 2.org.sy; 1 com.sy and the remainder with the generic.sy. Most of the domains affected in the breach are either inactive or older domains that are no longer in use. Very few of the domains appear to be of some importance to the people of Syria.” states the RBS.

The hacker group of the Cyber Justice Team is an opponent of both the Syrian Government and the IS, both oppressors of the Syrian people.

For more details on the data dump give a look to the report published by Risk Based Security (RBS).

Security Affairs: http://bit.ly/1NvujL7

« Ransomware Everywhere: What’s The Technology Behind It?
International Co-Operation: Challenges & Potential For Engaging In Cyberspace »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Perkins Coie LLP

Perkins Coie LLP

Perkins Coie LLP is an internationalk law firm with offices across the USA and Asia. Practice areas include Privacy and Data Security.

Centre for the Protection of National Infrastructure (CPNI)

Centre for the Protection of National Infrastructure (CPNI)

CPNI works with the National Cyber Security Centre (NCSC), Cabinet Office and lead Government departments and agencies to drive forward the UK's cyber security programme to counter cyber threats.

Cyber Triage

Cyber Triage

Cyber Triage is an automated incident response software any company can use to investigate their network alerts.

Auxilium Cyber Security

Auxilium Cyber Security

Auxilium Cyber Security is independent information security consultancy company.

Aricoma

Aricoma

Aricoma are Architects of Digital. We aim to become a major player in end-to-end IT services and digital transformation in Europe.

Blockchain Research Institute (BRI)

Blockchain Research Institute (BRI)

Blockchain Research Institute (BRI) is an independent, global think-tank. We bring together the world’s top global researchers to undertake ground-breaking research on blockchain technology.

LibraSoft

LibraSoft

Librasoft creates solutions to protect information from external and internal threats.

BlackDice Cyber

BlackDice Cyber

Threat Intelligence is only part of the solution. Our solution matches threats to vulnerabilities and automatically takes remedial action against compromised apps, devices and websites.

Hex-Rays

Hex-Rays

Founded in 2005, privately held, Belgium based, Hex-Rays SA focuses on the development of fast, stable, and robust binary analysis tools for the IT security market.

Teleport

Teleport

Teleport is a remote-first technology company. We enable engineers to quickly access any computing resource anywhere on the planet.

GLIMPS

GLIMPS

GLIMPS-Malware automatically detects malware affecting standard computer systems, manufacturing systems, IOT or automotive domains.

Aptum

Aptum

Aptum is a global hybrid multi-cloud managed service provider delivering complex and high-performance cloud solutions with an integrated secure network.

Imprivata

Imprivata

Imprivata is the digital identity company for life- and mission-critical industries, redefining how organizations solve complex workflow, security, and compliance challenges.

Quarkslab

Quarkslab

Quarkslab is a dedicated team of cyber-security engineers and developers. We aim at forcing the attackers, not the defender, to adapt constantly.

CaseMatrix

CaseMatrix

Discover a new era of legal intelligence with CaseMatrix. We identify potential class action cases arising from cyber incidents and data breaches.

Metrics that Matter (MTM)

Metrics that Matter (MTM)

Metrics that Matter redefines how organizations approach cybersecurity by offering unprecedented insight into the value of their assets to criminals and tailored action plans to protect.