From 0531523b372cc251a8391f5a12447d62f53916a9 Mon Sep 17 00:00:00 2001
From: luxagraf <sng@luxagraf.net>
Date: Sun, 25 Oct 2015 08:45:11 -0400
Subject: initial commit

---
 published/Webmonkey/Monkey_Bites/2007/08.13.07/Mon/unhack.txt | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 published/Webmonkey/Monkey_Bites/2007/08.13.07/Mon/unhack.txt

(limited to 'published/Webmonkey/Monkey_Bites/2007/08.13.07/Mon/unhack.txt')

diff --git a/published/Webmonkey/Monkey_Bites/2007/08.13.07/Mon/unhack.txt b/published/Webmonkey/Monkey_Bites/2007/08.13.07/Mon/unhack.txt
new file mode 100644
index 0000000..80ca4a7
--- /dev/null
+++ b/published/Webmonkey/Monkey_Bites/2007/08.13.07/Mon/unhack.txt
@@ -0,0 +1,9 @@
+Facebook wasn't the only site with security troubles this weekend. The United Nations website was attacked by "hacktivists," who replaced speeches by secretary-general Ban Ki-Moon with pacifist messages. 
+
+As with the [Facebook code breach][3], the U.N. site left itself open to attack by failing implement industry standard security measures. In the case of the U.N., hackers gained access via a well-documented SQL injection flaw (passing unescaped strings, which allowed the attacker to inject their own SQL).
+
+While the site was quickly restored and the injected content removed, Hackademix, a security blog, [captured the attack in some screenshots][1]. Hackademix also [notes][2] that the U.N. site is likely not yet protected against similar attacks in future.
+
+[1]: http://hackademix.net/wp-content/uploads/2007/08/un-ss2.png
+[2]: http://hackademix.net/2007/08/12/united-nations-vs-sql-injections
+[3]: http://blog.wired.com/monkeybites/2007/08/amatuer-program.html
\ No newline at end of file
-- 
cgit v1.2.3-70-g09d2