GCHQ website falls after threats from Anonymous

Feb12
by Ike on February 12, 2014 at 1:24 pm
Posted In: Uncategorized

GCHQ’s website at www.gchq.gov.uk is exhibiting some noticeable performance issues today, suggesting that it could be suffering from a denial of service attack.

Last week, documents from whistle-blower Edward Snowden revealed that GCHQ carried out denial of service (DoS) attacks against communications systems used by the hacktivist group Anonymous during their own Operation Payback, which itself involved carrying out denial of service attacks against high profile websites such as MasterCard, Visa, Amazon, Moneybookers, and PostFinance.

This caused some furore amongst supporters of Operation Payback, some of whom were tried and convicted for carrying out denial of service attacks. Denial of service attacks are illegal in the UK under the Police and Justice Act 2006, yet the leaked slides suggest that GCHQ may have used such techniques against Anonymous, resulting in 80% of IRC users leaving within a month.



Part of a statement published by Anonymous on AnonNews.

Following these revelations, a statement on GCHQ’s war against Anonymous was posted on the AnonNews website. The statement ends with a suggestion that some kind of retaliation could be expected: “Now that we truly know who it was who attacked us, Expect all of us.”

Twitter accounts associated with Anonymous also fuelled suggestions that they could be responsible for GCHQ’s website woes, with some referring to the #TheDayWeFightBack hashtag.


Curiously, a much larger amount of downtime has been observed from Netcraft’s Romanian performance monitor since the leaked slides were made public. That could indicate much more extreme DDoS mitigation techniques are being applied to these requests, and this in turn suggests that if an attack is occurring, perhaps Romania is one of the countries from which the attacks are being launched.

The www.gchq.gov.uk website is served from a content delivery network run by Limelight Networks, who claim to be one of the world’s largest, best performing, and most highly available content delivery networks. Although it remains hosted at the same location, the website changed its Server header from “WebServer” to “EdgePrism/4.1.2.0” earlier this week. Limelight Networks first unveiled EdgePrism in 2001, so any similarities to the name of the NSA’s PRISM mass electronic surveillance program are presumably coincidental.

 Comment 

Debian: 2858-1: iceweasel: Multiple vulnerabilities

Feb11
by Ike on February 11, 2014 at 5:22 pm
Posted In: Uncategorized

(Feb 10) Multiple security issues have been found in Iceweasel, Debian’s version of the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, too-verbose error messages and missing permission checks may lead to the execution of arbitrary code, the bypass of security [More…]

 Comment 

Debian: 2857-1: libspring-java: Multiple vulnerabilities

Feb11
by Ike on February 11, 2014 at 5:09 pm
Posted In: Uncategorized

(Feb 8) It was discovered by the Spring development team that the fix for the XML External Entity (XXE) Injection (CVE-2013-4152) in the Spring Framework was incomplete. [More…]

 Comment 

EasyApache EOL Items Removed

Feb11
by Ike on February 11, 2014 at 7:48 am
Posted In: Uncategorized

2/10/2014
Houston, TX –

cPanel, Inc. has released EasyApache 3.24. This version removes Apache 1.3/2.0, PHP 5.2, and mod_frontpage. As mentioned in Introducing EasyApache’s Optimal Profiles, these End of Life (EOL) items are no longer available in EasyApache.

These items have been removed for the following reasons:

  • They are no longer supported by their respective developers.
  • They include unpatched CVEs (Common Vulnerabilities and Exposures).
  • EasyApache provides the most up-to-date, supported versions of Apache (2.2/2.4) and PHP (5.4/5.5).

Keep in mind that viable alternatives to mod_frontpage exist, such as WebDAV and FTP. Also, PHP 5.2 and mod_frontpage are available as custom modules (“opt mods”).

Important: Starting May 11, 2014, EasyApache users running EOL cPanel & WHM versions (11.38 and older) will no longer receive EasyApache updates. These users will still be able to rebuild EasyApache using the latest release prior to May 11, 2014. A message will appear in the WHM user interface and command line interface warning EasyApache users of this change. EasyApache users running cPanel & WHM version 11.38 will not see this message until that version reaches EOL at the end of April 2014. To learn how to upgrade your version of cPanel & WHM, visit http://go.cpanel.net/upgradeversion.

To ensure that you receive up-to-date product news from cPanel, we encourage you to subscribe to the “Security Advisories and Product Release Announcements” mailing list here: http://cpanel.net/mailing-lists

 Comment 

Red Hat: 2014:0135-01: java-1.6.0-ibm: Critical Advisory

Feb09
by Ike on February 9, 2014 at 4:47 pm
Posted In: Uncategorized

(Feb 4) Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More…]

 Comment 

62 queries. 8.25 mb Memory usage. 1.290 seconds.