Skip to main content

Security Bug in ICANN Portals Exploited to Access User Data

The Internet Corporation for Assigned Names and Numbers (ICANN) announced on Thursday the completion of the first phase of its investigation into the impact of a vulnerability affecting two of the organization’s generic top-level domain (gTLD) portals.
On February 27, ICANN shut down the New gTLD Applicant and GDD (Global Domains Division) portals after learning of a security flaw that exposed user records. The affected websites are only accessible to applicants and registry operators, and they are used in the evaluation and contracting processes.
In early March, shortly after restoring access to the affected portals, ICANN noted that it hadn’t found any evidence of unauthorized access. However, after reviewing logs dating back to April 2013, when the New gTLD Applicant portal was activated, and March 2014, when the GDD portal was activated, the two consulting firms called in by ICANN to investigate the incident determined that some users had in fact accessed records that didn’t belong to them.
“Based on the investigation to date, the unauthorized access resulted from advanced searches conducted using the login credentials of 19 users, which exposed 330 advanced search result records, pertaining to 96 applicants and 21 registry operators. These records may have included attachment(s). These advanced searches occurred during 36 user sessions out of a total of nearly 595,000 user sessions since April 2013,” ICANN said.
Source: KING.NET

Comments

Popular posts from this blog

Alternative Social Networks

If you are planning to create your  social network  e.g. similar to Facebook. Here's a short list of alternative software's: Open Source and Free​ http://buddypress.org/  - Wordpress (Open Source and Free) http://elgg.org/  - (Open Source and Free) Commercial Social Networks software http://www.socialengine.com/  ($299 Stand Alone, $29/mo Cloud) http://www.jomsocial.com/  (run with Joomla, need to know CMS) http://www.boonex.com/  (very expensive, $399 for Standard) http://www.anahitapolis.com/ http://www.oxwall.org/ http://sharetronix.com/ http://www.moosocial.com/ http://www.jcow.net/ http://phpdolphin.com http://www.grou.ps  (from free to Commercial, I left my networks and they are selling it  http://www.phpfox.com/  (I used this before, it's hard to maintain. I moved to NING but left too after it was sold to another company) http://www.ning.com  (I don't recommend using this service, it's hard to export your data when it's time to move) S

Learning Vulnerability Scanning by KING.NET

Learning Vulnerability Scanning is fun and easy. So I hope you enjoy reading this short how to guide on how to use vulnerability scanning to secure your servers and networks. NMAP is the swiss tool that you need to learn if you're serious in Cyber Security profession. The NMAP tool can be use with NSE scripting (Nmap Scripting Engine) to automate your tasks. For example using NSE Script using a  single vulnerability (cold fusion)  to scan our test lab machine. root@kali:~# nmap -v -p 80  --script http-vuln-cve2010-2861  10.11.1.220 Starting Nmap 6.47 ( http://nmap.org ) at 2016-07-22 17:34 EDT NSE: Loaded 1 scripts for scanning. NSE: Script Pre-scanning. Initiating ARP Ping Scan at 17:34 Scanning 10.11.1.220 [1 port] Completed ARP Ping Scan at 17:34, 0.04s elapsed (1 total hosts) Initiating Parallel DNS resolution of 1 host. at 17:34 Completed Parallel DNS resolution of 1 host. at 17:35, 13.01s elapsed Initiating SYN Stealth Scan at 17:35 Scanning 10.11.1.220 [1 port] Comp