Core Security Technologies may be in trouble again. “snc0pe” claims to have breached their networks for the third time, posting IDs and passwords publicly. The last time snc0pe hacked Core Security was September 2011, leaving the front page defaced.
Core Security Technologies is a computer and network security company that provides penetration testing and security measurement software products and services. The company’s research arm, CoreLabs, identifies security vulnerabilities, publishes advisories, and works with vendors to eliminate the exposures they find.
Core is dismissing the attack as insignificant, claiming that it was launched against an 8 year old, unused server that contains no relevant information.
- What is an unused server doing connected to the internet?
- What access does it offer to other internal and external resources?
- Just how irrelevant is the information that is stored on it, or accessible using its credentials?