![]() ![]() The threat actors used an insecure upload script to upload the web shell and then directly call it as this directory was web accessible and had execute permissions set on it-no Local File Inclusion (LFI) or Remote File Inclusion (RFI) required. It soon became apparent that the pirates knew the contents of every crate being shipped, using bar codes on the shipping containers to identify and steal only certain items, leaving the rest.Īs Verizon discovered, the pirates had exploited an unpatched vulnerability in the shipping company’s homegrown content management system (CMS) to create a backdoor, which they used to access records of shipping routes, schedules and container contents. Rather than hijacking a ship and holding the crew hostage for days, the pirates were in and out in a matter of hours. The hackers were said to have been threatening to release five and 20-minute segments of the film until payment was recieved.Here’s a lesson in web security, taken from a story about maritime pirates.Īccording to a recent RISK Labs report from Verizon, a security team from the company was tapped to help a global shipping company deal with its pirate problem.Īlthough the shipping company had dealt with pirates before, something changed in recent months that raised alarm – the pirates began targeting specific ships and even specific containers to find what was most valuable to them. The FBI said that it could neither confirm nor deny the report.Ī spokesman for producer Jerry Bruckheimer declined to comment and directed TheWrap to Disney. ![]() ![]() Iger did not disclose to employees the movie or the amount of ransom (purportedly demanded by hackers to be paid in Bitcoin), but said Disney currently working with the FBI on the matter.Īlso Read: Does 'Pirates of the Caribbean: Dead Men Tell No Tales' Have a Post-Credits Scene?ĭisney did not return TheWrap’s request for comment. Also Read: 'Pirates' and 'Baywatch' Search for Memorial Day Booty Despite Poor ReviewsĪccording to the The Hollywood Reporter, Disney CEO Bob Iger said in a meeting with ABC employees on May 15th in New York that hackers claimed to have a stolen movie, but did not disclose the film or the amount demanded.ĭeadline reported that the hackers have stolen the upcoming Johnny Depp vehicle “Pirates of the Caribbean: Dead Men Tell No Tales,” set for release on May 26. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
December 2022
Categories |