funsec mailing list archives
Fwd: [ISN] Sneaky state employees may have inadvertantly exposed info to hackers
From: "The Security Community" <thesecuritycommunity () gmail com>
Date: Tue, 25 Mar 2008 10:05:58 -0400
A rather interesting story. And fun! Proxies are one of my favorite subjects. If you go to veryfastproxy.com, the proxy the State workers were using, you will notice it has an extremetracking.com web-bug in the lower left hand corner (that little purple Jupiter logo). If you follow the bug (http://extremetracking.com/open?login=fastprox) and if you're quick enough, you just may notice the site is still getting hit by *.state.fl.us addresses. YMMV as the site gets more traffic. I'm not sure if Florida has fixed it's problem or made it worse. ---------- Forwarded message ---------- From: InfoSec News <alerts () infosecnews org> Date: Tue, Mar 25, 2008 at 4:13 AM Subject: [ISN] Sneaky state employees may have inadvertantly exposed info to hackers To: isn () infosecnews org http://www.news-press.com/apps/pbcs.dll/article?AID=/20080324/NEWS01/80324038/1075 By Bill Cotterell Florida Capital Bureau Political Editor The News-Press March 24, 2008 TALLAHASSEE -- State employees who tried to hide their computer tracks by using a "proxy site" might have exposed their personal information to hackers in Germany. The Department of Financial Services found out late last week that, at least five times, employees contacting the state payroll system had gone through the proxies that throw up a dead end when supervisors try to find out where a computer user has been. The department said there have been no security breaches and no known cases of identity theft, but the department has ordered a statewide re-set of passwords when employees access the payroll system. It doesn't involve e-mail or other computer systems, just the payroll site where employees can view their W-4 forms and other payment data. Kevin Cate, deputy communications director for DFS, said a "proxy site" is like a mirror held up to a computer. He said an employee wanting to contact a site like YouTube or MySpace on a state computer might go to a proxy site and then enter several other sites. If the boss checks later, all that would show would be the employee's entry to the proxy site. It's possible that, after using the proxy site for some Web surfing, employees might have thought they'd logged out -- but they were still linked to the proxy. Then, when they went on the state's payroll site and entered their user names and passwords, the information might have been exposed to anyone on the other end of the computer link. Cate said DFS has broken all known proxy links. He said the state's payroll site, MyFloridaCFO.com, is completely secure and if employees use it, they have nothing to fear. But if they use proxy sites, they have now way of knowing if their inputs are secure, he said. ___________________________________________________ Subscribe to InfoSec News http://www.infosecnews.org/mailman/listinfo/isn _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Fwd: [ISN] Sneaky state employees may have inadvertantly exposed info to hackers The Security Community (Mar 25)