On Sunday hackers left a rant about ADSL on the search.bt.com site, and yesterday btworldwide.com was defaced by the Prime Suspectz group of hackers.
Paul Rogers, network security analyst at MIS, informed AccountancyAge.com sister site vnunet that although BT had patched its btworldwide.com server against the well-known hackers’ favourite ‘unicode bug’, it still had other vulnerabilities present.
‘It’s surprising that it’s still not fully secure,’ he said. ‘You’d expect a big company like BT to follow its own in-house security procedures, even down to the web servers.’
Rogers added that a vulnerability still exists on btcellnet.net servers allowing an intruder to compromise customer accounts.
‘We warned BT Cellnet about this months ago, but it still hasn’t been patched,’ he said. ‘This is another case of people not following proper security procedure,’ he added.
Credit card company Visa’s German home page was also broken into yesterday, another case of vulnerable versions of NT and IIS 4 not being updated properly. The hackers, Reflux and Asouza, also left a worrying message in their native Portuguese on the site: ‘We will now buy a webcam with the credit card numbers we stole,’ it said.
The comment would appear to be nothing more than a scare tactic, however, as no credit card details are kept on the site.
‘That still doesn’t bode well for Visa’s reputation with customers,’ warned Rogers. ‘Would you still want to use your credit card online with a company that can’t even secure a web server?’
UK senior partner Phil Verity has been elected for a second term at Mazars
Tallat Mahmood appointed to corporate finance team of Top 20 firm
After a seven-year saga, a result has been reached between Margaret May and CIMA over misconduct
ACCA and Morison KSi have signed a global Memorandum of Understanding (MOU) to raise accountancy profession standards