Yes, that's the one. I can read a number of languages, but Polish isn't among them; I fed that article to Google Translate, and with a few bobbles it did a fair job. I remember a reference in the translation to the "FTP hotel", which I guessed means the FTP server, but for the most part the meaning was pretty obvious.
The actual Logica report was written in Swinglish -- but it was good Swinglish, and anyway I worked 14 years at a Volvo company so it wasn't strange :). --- Bob Bridges, robhbrid...@gmail.com, cell 336 382-7313 /* There are two possible outcomes. If the result confirms the hypothesis, then you've made a measurement. If the result is contrary to the hypothesis, then you've made a discovery. -Enrico Fermi */ -----Original Message----- From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> On Behalf Of Radoslaw Skorupka Sent: Friday, October 8, 2021 14:15 Yes, I remember this article. I also read that in Polish. :-) And at the time whole police report was leaked. 200+ pages. It was definitely impossible without intercepted password and many configuration mistakes. HTTP vulnerability was also there, but it was not the way to hack in. https://zaufanatrzeciastrona.pl/historia-pewnego-wlamania/ (still in Polish, inside links to several articles) --- W dniu 08.10.2021 o 16:54, Bob Bridges pisze: > The way I read in the long Polish article about the Logica hack, when I > researched it back in 2013, is that there was speculation about USS and about > an HTTP flaw, but the forensics folks in the end thought they probably got > hold of a password in the good old-fashioned way and went from there. They > did indeed find and exploit USS configuration goofs. And the HTTP flaw is > real (https://nvd.nist.gov/vuln/detail/CVE-2012-5955), but Logica's post-hack > report doesn't mention it; so they, at least, didn't think it figured into > the original break-in or in the culprits' activities afterward. > > -----Original Message----- > From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> On Behalf Of > Charles Mills > Sent: Thursday, October 7, 2021 18:49 > > Assuming you don't count Logica. ("Oh, that wasn't a real mainframe hack, > they came in through USS.") > > -----Original Message----- > From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On > Behalf Of Bill Johnson > Sent: Thursday, October 7, 2021 3:21 PM > > You’d have to be a poorly run shop to permit any of those to occur. Maybe > that’s why mainframe hacks have actually never happened.... ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
