Discus Systems PLC - IT Support Company in Birmingham West midlands
0800 880 3360
 
Posted by Graham Keen on Tue 15th Mar 2011



Germany's federal finance ministry has pulled its website offline after receiving notification of a serious security problem from white hat hackers affiliated to the Chaos Computer Club (CCC).
 
Flaws on the the Federal Finance Agency website reportedly created a means to spy on customers of the government agency, steal login credentials or run phishing attacks. The bug reportedly existed for months before CCC stumbled upon the flaw. It is unclear whether or not the vulnerability was ever exploited or used as part of any scam.
 
The agency – Deutsche Finanzagentur – is involved in the placement of federal borrowing as well as the managing of federal debt. It also provides an entry point for internet banking services provided by bundeswertpapiere.de.
 
Flaws in the configuration of the web server used by the agency created a means to mount hard-to-detect phishing attacks, according to an advisory (in German) on the breach published by CCC over the weekend.
 
A notice on the Deutsche Finanzagentur said that the site was temporarily unavailable without providing any indication on when services might be restored.
 
John Leyden

+0

-0

 
corner spacer corner


Veeam Specialist Microsoft Small Business Specialists Birmingham Microsoft Gold Certified Partner Birmingham Siemens Solution 1 Reseller Birmingham Sonicwall Specialists Birmingham Business Link Approved Birmingham Fujitsu Primergy Certified Partner Birmingham Facebook Follow us on Twitter ESET NOD32 VMWare
IT Support
IT Services
IT Solutions
Get Support Now
Sitemap
© 2017 Discus Systems plc. All rights reserved. Content Management by Verve Digital