[WEB SECURITY] MSN site hacked in South Korea

Jeremiah Grossman jeremiah at whitehatsec.com
Wed Jun 8 12:36:07 EDT 2005


It looked to me like the MSN Korea Web site was an "incident", while 
the Hotmail XSS news stories were a "disclosure". I've added the links 
I'm aware of under the appropriate sections. Thanks for the submission, 
Ofer.

Real World Web Hacking URL's
http://www.webappsec.org/documents/real_world_web_hacking.shtml


About your comment on adding the vulnerability/attack information to 
each link, I think it's a great idea. Actually, some of the link 
submissions I received originally had this data included. To get a 
more consistent set, we'd need some assistance to review each news 
story and apply a best guess. Anyone on the list want to volunteer?

Regards,

Jeremiah-



On Wednesday, June 8, 2005, at 02:07  AM, Ofer Shezaf wrote:

>
> Well, not just in South Korea
>
> http://www.pcmag.com/article2/0,1759,1825250,00.asp
>
> Jeremiah, can you add it to the "Real World Web Hacking URL's" page?
> Another idea regarding this page is to try to categorize it by the
> vulnerability type, which would provide interesting statistics for
> the eternal debate about "which vulnerability is most common".
>
> ~ Ofer
>
> ---
> MSN Site Flaw Exposes Hotmail Accounts to Prying Eyes
> 06.07.05   Total posts: 1
>
> By Libe Goad
> One week after hackers exploited a weakness in the MSN Korea Web site,
> Microsoft admitted to taking down part of its MSN site over the weekend
> after learning about a flaw that would allow hackers to access Hotmail
> accounts.
> Reports say the MSN Web site, ilovemessenger.msn.com, contained a
> cross-site scripting flaw. That means someone could potentially use the
> site to obtain user data via "cookies," or bits of user data, by having
> MSN customers click on a malicious URL. Once someone clicked the URL,
> hackers would be able to access their personal e-mail accounts.
>
>
>
> Ofer Shezaf
> CTO, Breach Security
> Phone (US): +1 (760) 268.1924 ext. 702
> Phone (Israel): +972 (9) 956.0036 ext.212
> Cell: +972 (54) 443.1119
> ofers at breach.com
> http://www.breach.com
>
>> -----Original Message-----
>> From: zeno at cgisecurity.net [mailto:zeno at cgisecurity.net]
>> Sent: Friday, June 03, 2005 5:54 AM
>> To: websecurity at webappsec.org
>> Subject: [WEB SECURITY] MSN site hacked in South Korea
>>
>> Just found this on cnn a few minutes ago.
>>
>> "WASHINGTON (AP) -- Microsoft acknowledges that hackers booby-trapped
>> its MSN Web site in South Korea to steal passwords from visitors. The
>> company says it was unclear how many Internet users might have been
>> victimized."
>>
>> ...
>>
>> "The Korean site, unlike U.S. versions, was operated by another
>> company, which Microsoft did not identify. Microsoft's own experts and
>> Korean police were investigating, but Microsoft believes the computers
>> were vulnerable because operators failed to apply necessary software
>> patches, said Sohn, an MSN director."
>>
>> http://www.cnn.com/2005/TECH/06/02/ms.hack.ap/index.html
>>
>>
>>
>>
>> - zeno
>> http://www.cgisecurity.com
>>
>> ---------------------------------------------------------------------
>> The Web Security Mailing List
>> http://www.webappsec.org/lists/websecurity/
>>
>> The Web Security Mailing List Archives
>> http://www.webappsec.org/lists/websecurity/archive/
>

