A potential aim of getting these specific passwords would be to be able to use those user's identification credentials have custom crafted vulnerabilities at the source level checked-in into Source Control in one or more any of the Apache applications and frameworks (not just the Apache Web server but things like modules and language frameworks and libraries).
Certainly for state actors engaging in cyber-war, having their own backdoors in things like the Apache Webserver would be invaluable. They also have t
You need more than that. Continuous code auditing is needed. You never know when a person has been compromised. Maybe they got paid lots of money, or maybe they are the member of an extremist group.
There is also the possibility of a password being stolen, and you don't find out about it. A smart attacker could just make small subtle changes so they aren't discovered.
These guys seemed to be going for the brute force push through on everything. Which is why they were caught.
Injection of vulnerabilities at the source (Score:2)
A potential aim of getting these specific passwords would be to be able to use those user's identification credentials have custom crafted vulnerabilities at the source level checked-in into Source Control in one or more any of the Apache applications and frameworks (not just the Apache Web server but things like modules and language frameworks and libraries).
Certainly for state actors engaging in cyber-war, having their own backdoors in things like the Apache Webserver would be invaluable. They also have t
Re:Injection of vulnerabilities at the source (Score:2)
You need more than that. Continuous code auditing is needed. You never know when a person has been compromised. Maybe they got paid lots of money, or maybe they are the member of an extremist group.
There is also the possibility of a password being stolen, and you don't find out about it. A smart attacker could just make small subtle changes so they aren't discovered.
These guys seemed to be going for the brute force push through on everything. Which is why they were caught.