Miadhu website attacked
Miadhu, one of Technova's recently launched websites, was attacked yesterday. The intruder gained access to the site via our custom developed Content Management System(CMS) backend that handles the management operations of the site. Access to the CMS was gained by means of password guessing - a work which was made unbelievably trivial with the presence of an account name and password to match - "miadhu" for both! The attackers then attempted to delete existing content and to add data to the website of which the latter they managed to execute successfully. They left behind random messages in the articles they added - messages that were as deep and simple as a "kekeke" to ones dissing Jabir and President Maumoon.
Miadhu notified us of the intrusion and we spent a good hour rummaging through the logs, mapping out the actions of the attacker and assessing the damage. Patching the door through which the attackers entered only involved changing account names and passwords in addition to advising the client to maintain secure password policies.
The website is now back running as it were...
Miadhu notified us of the intrusion and we spent a good hour rummaging through the logs, mapping out the actions of the attacker and assessing the damage. Patching the door through which the attackers entered only involved changing account names and passwords in addition to advising the client to maintain secure password policies.
The website is now back running as it were...