Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
South Korea Charges Alleged Hackers
Newest First  |  Oldest First  |  Threaded View
PJS880
50%
50%
PJS880,
User Rank: Ninja
4/23/2013 | 5:10:54 PM
re: South Korea Charges Alleged Hackers
There is a lot going on over there in the KoreaGs. If this guy has been working with foreign governments, then the amount of information should be nothing less than significant. The article did not say much about the other guy, what is he charged with releasing and what is his history? You would figure with al the drama that has been occurring over there that the security of these types of breeches would be in the highest priority.

Paul Sprague
InformationWeek Contributor
Andrew Hornback
50%
50%
Andrew Hornback,
User Rank: Apprentice
4/10/2013 | 3:45:23 AM
re: South Korea Charges Alleged Hackers
North Korea's got a lot of bluster for a country with an air force (if you can call it that) that still flies biplanes.

While I think it's important that all of the foreign nationals in South Korea be safe, this whole "conflict" seems to amount to a pair of Yorkshire Terriers with bad attitudes yapping at each other from across the street while their owners exchange friendly hellos. And, of course, those friendly folks from Anonymous have to capitalize on the spotlight being shone upon the Korean peninsula - starting to think that they're just out for the glory and headlines while the real folks that we need to be wary of are the ones that don't seek the headlines and attention.

There are a lot of ifs and whens that will shape this conflict... if China decides they've had enough of Kim Jong-un, expect North Korea to fall like a house of cards. If North Korea pulls the trigger first and goes after Seoul (which is their expected initial target due to proximity to the DMZ), they're not expected to be able to keep a barrage going for long and with a pair of US Air Force Bases in country as well as a carrier battle group based in Yokosuka, Japan, it wouldn't take long (if this administration is willing) to counterpunch.

Meanwhile, keep your popcorn handy as we watch the hacking back and forth between these two Yorkies. It won't get boring, that's for sure.

Andrew Hornback
InformationWeek Contributor


5 Ways to Up Your Threat Management Game
Wayne Reynolds, Advisory CISO, Kudelski Security,  2/26/2020
Google Adds More Security Features Via Chronicle Division
Robert Lemos, Contributing Writer,  2/25/2020
Cybersecurity Industry: It's Time to Stop the Victim Blame Game
Jessica Smith, Senior Vice President, The Crypsis Group,  2/25/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-9463
PUBLISHED: 2020-02-28
Centreon 19.10 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the server_ip field in JSON data in an api/internal.php?object=centreon_configuration_remote request.
CVE-2020-5247
PUBLISHED: 2020-02-28
In Puma (RubyGem) before 4.3.2 and 3.12.2, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or`/r`, `/n`) to end the header and inject malicious content, such as additional headers or an entirely new response body. This...
CVE-2020-9447
PUBLISHED: 2020-02-28
The file-upload feature in GwtUpload 1.0.3 allows XSS via a crafted filename.
CVE-2019-10064
PUBLISHED: 2020-02-28
hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743.
CVE-2019-8741
PUBLISHED: 2020-02-28
A denial of service issue was addressed with improved input validation.