Two Sentenced for DDoS Attacks on PayPal and Other Site

Two Sentenced for DDoS Attacks on PayPal and Other Sites
A UK court has sentenced two men to jail for their involvement with the
hacking collective that calls itself Anonymous. Christopher Weatherhead
and Ashley Rhodes received sentences of 18 months and seven months,
respectively, for launching distributed denial-of-service (DDoS)
attacks against a number of sites, including PayPal, MasterCard,
and Visa. Two other men were involved in the attacks: Peter Gibson
received a six-month sentence, suspended for two years. Jake Birchall
will be sentenced on February 1. The convictions in this case are
believed to be the first in the UK for DDoS attacks.

Hardcoded Backdoors in Barracuda Gear
Multiple products from Barracuda have been found to have hardcoded
backdoors that could be exploited to gain access to vulnerable
systems. The backdoor accounts, which can be accessed via the
secure shell (SSH) protocol, allow attackers to log in remotely
and access sensitive information or take control of networks. The
backdoor accounts are protected with weak passwords and cannot be
disabled. The problem was reported to Barracuda in November 2012. There
is a specific set of IP addresses that can access the appliances,
but Barracuda does not own all of those addresses. Barracuda is urging
all users to update their security definitions to version 2.0.5.



Cisco Issues Patches for Vulnerabilities in Wireless LAN Appliances
Vulnerabilities in Cisco wireless LAN appliances could be exploited
to allow remote code execution and trigger denial-of-service
conditions. Cisco has released a fix for the problems and is urging
administrators to patch affected products. In some instances, limiting
SNMP access on wireless controllers can lessen the threat of attacks.