[ale] OT: Egghead cracked

Bob's ALE Mail transam at cavu.com
Tue Dec 26 17:25:27 EST 2000


OT: Egghead cracked; credit cards compromised

Egghead's M$ IIS web server was cracked in the past week, apparently due to
the unpatched M$ IIS Unicode exploit.

Anyone who has used Egghead (and thus has their credit card data on file
at Egghead) is at risk for being the victim of credit card fraud.  The
most common fraud seems to be charges showing as being from Russia or
Moscow for Telecom/phone services.  Those at risk may want to advise
their credit card company.

CD Universe suffered a similar fate earlier this year (with a different
exploit through their IIS web server).

Bob Toxen
transam at cavu.com                       [Bob's ALE Bulk email]
bob at cavu.com
http://www.cavu.com
http://www.realworldlinuxsecurity.com/ [My new book: Real World Linux Security]
Fly-By-Day Consulting, Inc.      "Don't go with a fly-by-night outfit!"
Quality Linux & UNIX security and software consulting since 1990.
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.





More information about the Ale mailing list