Two New Compromises
Friday, May 12. 2006
Our honeypots at RWTH Aachen university remain rather active. We had again two compromises and in both incidents we observed phishing groups. The attacker compromised the machines with the help of exploits against web applications. It seems that web applications are currently one of the easiest ways to 0wn a network...
The analysis of both incidents is not ready yet, but I will post an update once I have more details. In addition, our CWSandbox is currently in beta test, so expect a public webinterface in the near future :)
The analysis of both incidents is not ready yet, but I will post an update once I have more details. In addition, our CWSandbox is currently in beta test, so expect a public webinterface in the near future :)
".
