International Telecommunication Union   ITU
 
 
Site Map Contact us Print Version
 Thursday, December 10, 2009

A "friendly" hacker called c0de.breaker claims to have broken into two secure internal sites at NASA's Instrument Systems and Technology and Software Engineering divisions, and snapped screen shots to prove the protected sites were intruded.

"I didn't want to make something bad!" c0de.breaker wrote in a web posting. "Only to show NASA (has) many vulnerable subdomains to SQLI (SQL injection), XSS (cross-site scripting), etc." The hacker gained access through a combination of a SQL injection and poor access controls. The National Aeronautics and Space Administration has had major problems securing its websites for years.

 

(Source: Gov Info Security)

Full story

Gov Info Security