Microsoft France hacked – can you afford to be the next?

Acunetix secures web applications and prevents website defacement and irreversible damage to your company’s reputation.

London, UK – 20 June, 2006 – One of the websites of Microsoft France was attacked this weekend by a group of Turkish hackers who defaced the site by Web Server intrusion.

TiTHack, the handle used by the hackers, defaced http://experts.microsoft.fr (incident also confirmed by Zdnet) by exploiting a vulnerability found either in IIS6 or in one of the web applications running on the site.

The attack seems to have been done “for fun”. However, the defacement has already caused Microsoft France significant embarrassment further damaging the corporation’s global reputation. Bloggers immediately picked up on the defacement and were amused at how long it took Microsoft to fix the problem. At time of writing, the website remains unavailable after at least 1 day in its state of defacement.

The defacement as do*****ented by Zone-h read:
Hi Master (: Your System 0wned By Turkish Hackers!
redLine ownz y0u!
Special Thanx And Gretz RudeBoy |SacRedSeer|
The_Bekir And All Turkish HacKers
next target: microsoft.com
date: 18/06/2006 @ 19:06
WE WERE HERE....>

Microsoft websites around the world have long been regular targets for defacement and other forms of exploits. Such defacement occurs when hackers manage to gain access to and manipulate the code and/or files on the web server to display whatever they please. These web hacking attacks can cost a company significant loss of revenue severe fines and loss of customer trust, apart from damaging the company’s reputation and credibility.

The Acunetix Web Vulnerability Scanner automatically audits web applications and checks whether these applications are secure from exploitable vulnerabilities to such hack attacks as website defacement. An automated check of Microsoft’s web applications (using Acunetix WVS) could have saved the company from denting its reputation and credibility further through the subsequent blogs appearing over the weekend.

Acunetix provides free audit to help companies determine the security of their websites

Enterprises who would like to have their website security checked can register for a free audit by visiting http://www.acunetix.com/security-audit. Participating enterprises will receive a summary audit report showing whether their website is secure or not. Summary reports will be delivered within five business days of submission.