The developer of Plone CMS, often referred to as the most safe σύστημα διαχείρισης περιεχομένου (CMS) της αγοράς, αναφέρει ότι οι πρόσφατες δημοσιεύσεις για ένα hack στα συστήματα του FBI είναι πολύ πιθανό να είναι πλαστές.
The CyberZeist hacker, acting on behalf of Anonymous, revealed that in late December he managed to break the CMS software used by the FBI, managing to intercept more than 150 accounts, with hashed passwords.
CyberZeist reported using a exploit in a security hole in the Plone CMS, which is being used by the FBI, and that zero-day is still being sold on the black market.
In a very long publication today, Plone reports that the hack of the FBI system is unlikely, noting that the company is not aware of any zero-day flaw in its software.
"Notices of security repairs are usually issued with a two-week notice. "If the Plone security team receives reports of a zero day exploit already in place, a security update will be released immediately."
Describing the hack claim as a hoax, Plone is trying to shoot down the hack, pointing out that some of the details CyberZeist provided are not accurate, such as its operational server, which the hacker said was FreeBSD 6.2-RELEASE.
“It's highly unlikely that the FBI is running this old version of FreeBSD. Additionally, FreeBSD 6.2 provides Python 2.4, while Plone runs on Python 2.5 and does not run on older versions of Python,” Plone said.
So, what was the purpose of the hacker saying he violated the FBI page?
According to Plone, which describes its software as "a highly secure content management system," the hacker is most likely trying to sell a fake exploit and needs the advertising των μέσων ενημέρωσης για να αυξήσει την price.
But for now, it's very difficult to say what happened to the FBI CMS, but CyberZeist has promised to give more information about the violation when the zero-day sale stops.
Anyway we will somehow find out who is lying…
PS: I have to install this CMS, the company's claims to be the safest one on the market, I was curious.
