The way I read it in the long Polish article about the Logica hack, when I researched it back in 2013, is that there was speculation about USS and about an HTTP flaw, but the forensics folks in the end thought they probably got hold of a password in the good old-fashioned way and went from there. They did indeed find and exploit USS configuration goofs. And the HTTP flaw is real (https://nvd.nist.gov/vuln/detail/CVE-2012-5955), but Logica's post-hack report doesn't mention it; so they, at least, didn't think it figured into the original break-in or in the culprits' activities afterward.

---
Bob Bridges, robhbrid...@gmail.com, cell 336 382-7313

/* I've never hated a man enough to give him his diamonds back. -Zsa-Zsa Gabor */

-----Original Message-----
From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> On Behalf Of Charles Mills
Sent: Thursday, October 7, 2021 18:49

Assuming you don't count Logica. ("Oh, that wasn't a real mainframe hack, they came in through USS.")

-----Original Message-----
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Bill Johnson
Sent: Thursday, October 7, 2021 3:21 PM

You’d have to be a poorly run shop to permit any of those to occur. Maybe that’s why mainframe hacks have actually never happened....