A foreign hacker group in Turkey has allegedly gained access to at least two sensitive U.S. Army servers. Both attacks redirected users to alternate sites. The first to a site containing anti-American information. The second to a page about climate change. It is unclear if the group also accessed sensitive information as a result of the attacks. The attackers appear to have exploited an SQL injection vulnerability.
From what we can tell, it appears that an easy to fix vulnerability was used to exploit these systems. In a previous post I illustrated how 90 percent of all data breaches exploit vulnerabilities that are well known and patches have been available for months. This seems to be a similar case here.
