[Web4lib] security is just an eight letter word - the HBGary hack

Robert L. Balliot rballiot at oceanstatelibrarian.com
Mon Mar 7 08:59:25 EST 2011


where security is just an eight letter word

This article from Arstechnica exposing the conditions that led to the HBGary
hack demonstrates the problem with the weakest link in infosec. In this
case, the weakest link appears to have been simple passwords hashed in MD5
and available in rainbow tables :

http://bit.ly/gMySkD

*************************************************
Robert L. Balliot
Skype: RBalliot
Bristol, Rhode Island
http://oceanstatelibrarian.com/contact.htm
*************************************************
-----Original Message-----
From: web4lib-bounces at webjunction.org
[mailto:web4lib-bounces at webjunction.org] On Behalf Of Lepzelter Berry, Carol
G.
Sent: Friday, February 25, 2011 11:43 AM
To: 'web4lib at webjunction.org'
Subject: [Web4lib] FW: Important Notice - Library Proxy Logins on the web

Some of these logins do work - you might want to search for your library, so
you can get the account(s) closed.....



Happy Friday



carol lepzelter berry
senior electronic resources librarian
argonne national laboratory
630-252-3876
"There is no pool so shallow that a thousand bloggers won't drown in it."
-- George Monbiot 2008


-----Original Message-----
From: CHEMICAL INFORMATION SOURCES DISCUSSION LIST
[mailto:CHMINF-L at LISTSERV.INDIANA.EDU] On Behalf Of Louise Peck
Sent: Friday, February 25, 2011 5:59 AM
To: CHMINF-L at LISTSERV.INDIANA.EDU
Subject: [CHMINF-L] Important Notice - Library Proxy Logins on the web

IMPORTANT NOTICE

* * * Apologies for cross posting * * *

We have just noticed this blog site that provides login information for
library proxy servers and we thought as it contains sensitive information,
you may want to report this so it is removed and if you are listed, you may
want to change the login information.

http://hrkfiles.blogspot.com/2011/02/ezproxy-database-part-2.html

I have forwarded this to a few libraries that were on this page - and yes
the logins worked.

Instead of continuing to forward this to individual libraries - I thought
this listserv might be the better way to disseminate this information:

------------------------------------------------------

Please forward this to whom it may interest.

Kind regards

Louise
Louise Peck, Library Marketing Specialist
Royal Society of Chemistry, Thomas Graham House,
Science Park, Cambridge, CB4 0WF, UK
Tel: +44 (0) 1223 432669, Fax: +44 (0) 1223 420247
www.rsc.org/publishing<http://www.rsc.org/publishing>
peckl at rsc.org<mailto:peckl at rsc.org>


DISCLAIMER:

This communication (including any attachments) is intended for the use of
the addressee only and may contain confidential, privileged or copyright
material. It may not be relied upon or disclosed to any other person without
the consent of the RSC. If you have received it in error, please contact us
immediately. Any advice given by the RSC has been carefully formulated but
is necessarily based on the information available, and the RSC cannot be
held responsible for accuracy or completeness. In this respect, the RSC owes
no duty of care and shall not be liable for any resulting damage or loss.
The RSC acknowledges that a disclaimer cannot restrict liability at law for
personal injury or death arising through a finding of negligence. The RSC
does not warrant that its emails or attachments are Virus-free: Please rely
on your own screening.

CHMINF-L Archives (also to join or leave CHMINF-L, etc.)
http://listserv.indiana.edu/archives/chminf-l.html
Search the CHMINF-L archives at:
https://listserv.indiana.edu/cgi-bin/wa-iub.exe?S1=chminf-l
Sponsors of CHMINF-L:
http://www.indiana.edu/~libchem/chminfsupport.htm


carol lepzelter berry
senior electronic resources librarian
clepzelter at anl.gov
argonne national laboratory
630-252-3876
"One should always keep an open mind, but not one that is so open that your
brains drop out."
-- Carl Sagan



_______________________________________________
Web4lib mailing list
Web4lib at webjunction.org
http://lists.webjunction.org/web4lib/







More information about the Web4lib mailing list