Well, RSM and Vanguard and so forth claim they never do a pen test that does not succeed, so I guess yes, hacked hundreds of times.
Of course, maybe hackers aren't as smart as pen testers ... Charles -----Original Message----- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Bill Johnson Sent: Monday, May 6, 2019 1:07 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: mainframe hacking "success stories"? So was it hacked 100’s of times then? Since it’s so easy? Sent from Yahoo Mail for iPhone On Monday, May 6, 2019, 4:04 PM, ITschak Mugzach <imugz...@gmail.com> wrote: Zos 1.x used to ship uads with users tso00 to tso03 (or 1-4), so passwords could be collected from another system. Used this to penetrate the mainframe. Tx god ibm stop shipping pre loaded uads. בתאריך יום ב׳, 6 במאי 2019, 22:54, מאת Bigendian Smalls < mainfr...@bigendiansmalls.com>: > Which is how 80% of all the hacks today start. Find purchase and advance > your position. This is how the game is played. It was as classic of a hack > as anything today. > > > On May 6, 2019, at 21:43, Bill Johnson < > 00000047540adefe-dmarc-requ...@listserv.ua.edu> wrote: > > > > Still never would have occurred without a valid userid. > > > > > > Sent from Yahoo Mail for iPhone > > > > > > On Monday, May 6, 2019, 3:18 PM, Charles Mills <charl...@mcn.org> wrote: > > > > No. > > > > From the link you cite: > > > > "According to various sources, the hackers succeeded in finding (and > exploiting) at least 2 previously unknown errors enabling them to raise > their authorisations in the system. One of them was an error in an IBM HTTP > server and the other one was an error in the CNMEUNIX file, which in the > default configuration has SUID 0 authorisations (which means that by > leveraging on the errors it contains, one is able to execute commands with > the system administrator’s authorisations)." > > > > His "user" access to InfoTorg was not a problem for the mainframe. (It > was a problem for the MPAA lawyer whose account he accessed, but not for > the mainframe in general.) The above mainframe security vulnerability was. > > > > Charles > > > > > > -----Original Message----- > > From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] > On Behalf Of Bill Johnson > > Sent: Monday, May 6, 2019 11:17 AM > > To: IBM-MAIN@LISTSERV.UA.EDU > > Subject: Re: mainframe hacking "success stories"? > > > > The Pirate Bay hack acquired a valid mainframe userid and password off > of a Microsoft laptop. In effect, not really a mainframe hack. He just > logged on. https://badcyber.com/a-history-of-a-hacking/ > > > > Sent from Yahoo Mail for iPhone > > > > > > On Monday, May 6, 2019, 1:21 PM, Charles Mills <charl...@mcn.org> wrote: > > > > #1: Noooooo. It was a legitimate mainframe hack (assuming you consider > USS a legitimate part of the mainframe, which it has been for 20 years or > so). It was an exploit of CGI buffer overrun. > > > > #2: It drives me nuts to hear mainframers explain away mainframe > breaches. "It wasn't really a mainframe hack, they got in through USS." "It > wasn't really a mainframe hack, they re-used a Windows password." "It > wasn't really a mainframe hack ... whatever." If your CEO was standing in > front of the press explaining how your company let x million credit card > numbers go astray, would it matter HOW they got into your mainframe, or > only that they DID?" If your mainframe is vulnerable to a USS hack, or a > shared Windows password, or whatever, you need to fix THAT, or risk having > to explain to your CEO why he got fired (like Target's) for letting all > those credit card numbers go astray. > > > > Charles > > > > > > -----Original Message----- > > From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] > On Behalf Of Bill Johnson > > Sent: Sunday, May 5, 2019 10:00 AM > > To: IBM-MAIN@LISTSERV.UA.EDU > > Subject: Re: mainframe hacking "success stories"? > > > > Wasn’t really a mainframe hack. It was a laptop hack that acquired > legitimate mainframe credentials. > > > > ---------------------------------------------------------------------- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > > > > > ---------------------------------------------------------------------- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > ---------------------------------------------------------------------- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > > > > > ---------------------------------------------------------------------- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
