Beware of Web defacement attacks targeting Hong Kong

Last Update Date: 2 Oct 2014 21:01 Release Date: 2 Oct 2014 6027 Views

RISK: Extremely High Risk

Extremely High Risk

TYPE: Attacks - Other

TYPE: Other

1. Multiple Hong Kong websites were found defaced. They were injected with the logo and slogan of the attacker claimed to be from "OpHongKong hosted by Anonymous". These websites covered different small private businesses.

 

2. The attacks used security vulnerabilities of the web server or application. 

 

HKCERT issued a press release [/my_url/articles/14100201] on October 2 on the matter.

Impact

  • Data Manipulation

Solutions

1. HKCERT advised the enterprises to follow the following steps immediately to ensure the websites are secure 

  • Patch the web server and web applications with the latest updates 
  • Change all default application passwords 
  • Use strong password or two-step verification 
  • Restrict access and protect web administrator login page 
  • Remove all unused modules and application extensions

 

2. As a good practice user should prepare their web servers better with the following measures 

  • Separate the web and Database servers 
  • Validate user supplied inputs in web applications 
  • Use web application firewall 
  • Perform penetration testing and vulnerability scanning on a regular basis 
  • Consider code scanning for critical applications
  • Perform regular backup

 

If you encounter any security attacks please report to HKCERT (Hotline: 8105 6060).

Vulnerability Identifier

  • No CVE information is available

Share with

Previous

GNU Bash "Shellshock" Vulnerability

25 Sep 2014 5399 Views

Next

Fake CODE4HK Mobile Application Attack

18 Sep 2014 3863 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY