Data dump; Network intrusion
Government (U.S.)
Hacker(s) exposed the WordPress configuration file, apparently including the backend database location and password. This configuration file was then published on an online public bulletein board. Perps exploited a weakness called a directory traversal vulnerability. “That's where you construct a URL that persuades the server to navigate to a part of the web server you aren't supposed to be able to access, and to retrieve content from there. . .Poor handling of filenames “seems to have been what was wrong on the Study in the States website.” Hacktivist group NullCrew announced 1/5/13.
NEXT STORY: Network intrusion