www-4hou-com.translate.goog
Open in
urlscan Pro
2a00:1450:4001:82a::2001
Public Scan
URL:
https://www-4hou-com.translate.goog/posts/Yq49?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en&_x_tr_pto=wapp
Submission: On May 17 via manual from US — Scanned from DE
Submission: On May 17 via manual from US — Scanned from DE
Form analysis 1 forms found in the DOM
Name: searchform — https://www.4hou.com/search-post
<form action="https://www.4hou.com/search-post" class="navbar-form inSearch " name="searchform" onsubmit="return checksubmit() ">
<div class="br">
<input type="text" name="keywords" autocomplete="off" placeholder="Search ends with a carriage return...">
<button type="submit"></button>
</div>
<script type="text/javascript">
$(function() {
$(".br input").focus(function() {
$(".contrib").hide();
});
$("input[name='s']").blur(function() {
$(".contrib").show();
});
});
</script>
<div id="reci" style="width:0px;border:0px;display: none;">
<p>
<font style="vertical-align: inherit;">
<font style="vertical-align: inherit;">roar</font>
</font>
</p>
<p>
<font style="vertical-align: inherit;">
<font style="vertical-align: inherit;">Safety</font>
</font>
</p>
<p>
<font style="vertical-align: inherit;">
<font style="vertical-align: inherit;">Vulnerability</font>
</font>
</p>
</div>
</form>Text Content
40-year-old Lianjia employee deletes 9T of company data, sentenced to 7 years * front page * read * Topic * hoarse votes * hiss * hiss * Atlas Contribute Log in register roar Safety Vulnerability * front page * * Topic * hoarse votes * hiss * Atlas Contribute NEWS event Crack Contest TECHNOLOGY web security business security binary safe wireless security system security Intranet penetration ransomware safety tool database security reverse crack cryptocurrency malicious software 40-YEAR-OLD LIANJIA EMPLOYEE WHO DELETED THE COMPANY'S 9T DATA WAS SENTENCED TO 7 YEARS Huaqing Xin'an industry 2022-05-13 09:36:27 collect Introduction: According to the China Judgment Documents website, Han Bing, the former database administrator of Lianjiawang (Beijing) Technology Co., Ltd., was sentenced to seven years in prison in the first instance for the crime of sabotaging the computer information system. The appeal was rejected in the second instance and the original sentence was upheld. According to China Judgment Documents.com, the former database administrator of Lianjia.com (Beijing) Technology Co., Ltd., Han Bing, was sentenced to seven years in prison in the first instance for the crime of sabotaging the computer information system. The appeal was rejected in the second instance and the original sentence was upheld. Lianjia DBA sentenced to seven years in prison for deleting database According to the accusation by the People's Procuratorate of Haidian District, Beijing, at about 14:00 on June 4, 2018, Han Bing (born on November 25, 1980) used his Acting as the database administrator of Lianjiawang (Beijing) Technology Co., Ltd. and mastering the convenience of the "root" authority of the company's financial system, log in to the company's financial system, and delete the financial data and related applications in the system, resulting in the company's financial system being completely Inaccessible. It is reported that the destroyed servers are 2 database servers and 2 application servers specially used by the company for the EBS system, the IP addresses of the 2 database servers are 10.10. .28.96 and 10.200.28.97. The company's financial system stores all the financial data since the establishment of the company, which affects the salary payment of the company's personnel, etc., and is of great significance to the entire operation of the company. The company spent a total of RMB 180,000 to restore the data and rebuild the system. According to the testimony of Zhou Mou, director of the professional ethics construction center of Lianjia Company, only five people from the technical support department have the authority to enter the company's financial system. When the company found that there was a problem with the financial system, it collected the computers of these five people, and four of them took the initiative to hand it over. Only Han Bing refused to explain his laptop password, so he found that Han Bing was suspicious and reported the case on behalf of the company. The senior director of the technical assurance department of Lianjia Company said that Han Bing claimed that his computer had privacy, and the password could only be provided to the public security organs, or could only be checked by entering the password in his own presence. No abnormality was found in the computer during the inspection at that time, but Such an inspection is completely impossible to rule out Han Bing's suspicion. The way the company's financial system is attacked can be executed as long as it is connected to the server. Such an operation will not leave traces on the computer, but will only leave traces on the server. At that time, the company checked everyone's computer and performed these checks mainly to see the feedback from Han Bing and others. The company determined that Han Bing's sabotage had nothing to do with the inspection. This inspection did not cancel the suspicion of anyone. On the contrary, only Han Bing did not provide the user name and password of his computer. In the end, Han Bing was locked by the multi-party evidence provided by the company. State Information Center Electronic Data Forensic Appraisal Center forensic appraisal opinion, confirming that after on-site extraction and inspection and identification, the IP address 10.33.35.160 was exported after logging in to the server on site. During the event log on June 4, 2018, the DHCP server converted the IP address 10.33.35.160 Assigned to a network access device with a client ID (device MAC address) of EA-36-33-43-78-88 at 14:17 on June 4, 2018, the hostname of the device is Yggdrasil, at 14:00 47 cents were also allocated to the network access device with client ID EA-36-33-43-78-88, which had hostname Yggdrasil; further analysis of IP address 10.33.35.160 during June 4, 2018 For all Internet behavior records, export all network access logs from the IP address 10.33.35.160 in the Internet behavior management server from June 1 to 4. In the above logs, it is clear that the MAC address of the access terminal corresponding to the IP address 10.33.35.160 is EA -36-33-43-78-88, which is consistent with the log information extracted from the DHCP server. During the period from June 1st to 4th, all network access of this IP address is mainly concentrated between 14:00 and 15:28 on June 4th. It can be determined that the physical area corresponding to the IP address 10.33.35.160 is within the network area covered by the switch on the 3rd floor of Fudao Building, No. 11 Kaiyuan Road, Haidian District, Beijing. Beijing Zhonghai Yixin Information Technology Co., Ltd. Judicial Appraisal Office forensic opinion, confirming that after extracting the Apple computer of the defendant Han Bing, the computer was not retrieved to log in to the server involved in the case. IP: 10.10.26.33, 10.10.26.34, 10.200.28.96 , the record of 10.200.28.97; the computer system is MacOSX10.13.5, the host name is Yggdrasil; the Mac address of the computer's Wi-Fi is 28-CF-E9-1C-48-13; WiFiSpoof software is installed in the computer; In the $InodeTable file in the computer, 92 records related to Mac address 28: CF: E9: 1C: 48: 13 were retrieved, and 4 records related to Mac address EA: 36: 33: 43: 78: 88 were retrieved ; The terminal record in this computer contains the shred and rm commands, which are locally executed commands. Beijing Tongda Fazheng Forensic Appraisal Center forensic appraisal opinion confirms that after appraisal of the laptops held by the other four people, the computer names of the four computers are not Yggdrasil, and the MAC addresses are not EA-36-33-43-78- 88. The behavior logs of the four computers on June 4, 2018 were not found to log in to the financial system and execute the -shred and -rm commands to delete them. After the identification of the computer records and the video materials provided by Lianjia, the court found Han Bing guilty of destroying the computer information system in the first instance and sentenced him to seven years in prison. The second instance dismissed the appeal and upheld the original judgment. Twice raised issues with the financial system but not taken seriously The reason for this is not reflected in Han Bing's testimony, but it is speculated from the testimony of colleagues that Han Bing discovered a security problem in the company's financial system during his tenure and sent an email to another database administrator of Lianjia, Zhang Mou, During the meeting, the two reported the security problems of the financial system to a number of leaders, and suggested that the company start a security project to fix the security problems, but the leaders did not take it seriously. Two weeks later, the department working on the financial line was assigned to the information line, and the two reported the security issues of the financial system to Zhou Xiaolong, the leader of the information line. During the process, there was an argument with Zhou Xiaolong. 此外,链家公司职业道德建设中心总监在证词中提到:韩冰2018年2月到公司负责财务系统维护,5月被调整至技术保障部,工作地点从朝阳区酒仙桥总部调整至海淀区上地福道大厦。韩冰对组织调整有意见,觉得自己不受重视,调整之后消极怠工,经常迟到早退,也有旷工现象。经查看公司监控录像,韩冰于2018年6月4日11点左右到福道大厦三层西侧自己的工作区域上班,当天18时左右离开公司。 回看 2020 年,删库事件接二连三: 1、2020 年 2 月 23 日 18 时 56 分许,贺某酒后因生活不如意、无力偿还网贷等个人原因,在其暂住地上海市宝山区逸仙路 XXX 弄 XXX 号 XXX 室,通过电脑连接公司虚拟专用网络、登录公司服务器后执行删除任务,将微盟服务器内数据全部删除。 导致微盟自 2020 年 2 月 23 日 19 时起瘫痪,300 余万用户(其中付费用户 7 万余户)无法正常使用该公司 SaaS 产品,经抢修于 3 月 3 日 9 时恢复运营(故障时间 8 天 14 个小时)。 截至 2020 年 4 月 30 日,造成微盟公司支付恢复数据服务费、商户赔付费及员工加班报酬等经济损失共计人民币 2260 余万元。 最终,贺某犯破坏计算机信息系统罪,判处有期徒刑六年。 2、2020 年 4 月 13 日,王某因某网络科技有限公司 驳回其开发的 OBS 对象存储服务代码的奖金要求,心怀不满,便产生了报复公司的想法。 当日 11 时许,王某在该公司使用 root 超级管理员账户登录至华为云服务器的 FTP,修改了其开发的 obs 对象存储服务代码,导致 2020 年 4 月 14 日 8 时至 9 时 35 分,某平台运行异常,该公司代发的政府电子消费劵领取受阻,直至当日 10 时 43 分,11225 名会员才领取完当日电子消费劵,给该平台声誉及会员收益造成严重影响。 最终,王某被判处拘役五个月、缓刑六个月。 这些事情告诉所有打工人:删库或许容易,但跑路是不可能的。最后,希望所有公司做好安全方案的同时善待打工人。 If reprinting, please indicate the original address * share to Thank you for your support, I will continue to work hard! Open WeChat and scan it and click on the upper right corner to share. COMMENT Comment YOU MAY BE INTERESTED IN * Starting today, you can install one less agent! * Overview of encrypted traffic in attack and defense drill scenarios * Encrypted traffic detection technology in attack and defense drill scenarios * Haiyun An successfully passed the CCRC "Mobile Internet Application (App) Personal Information Security Test" proficiency verification * "Security Lecture" Issue No. 14|Unbreakable, Unbreakable: Threats and Solutions of Software Supply Chain * National deployment, virtual currency "mining" is being terminated HUAQING XIN'AN This guy is lazy and doesn't say anything! LATEST ARTICLES * Starting today, you can install one less agent! 2022-05-17 17:11:20 * Overview of encrypted traffic in attack and defense drill scenarios 2022-05-17 10:32:21 * Encrypted traffic detection technology in attack and defense drill scenarios 2022-05-17 10:30:09 * Haiyun An successfully passed the CCRC "Mobile Internet Application (App) Personal Information Security Test" proficiency verification 2022-05-17 10:28:17 see more RELATED HOT ARTICLES * Starting today, you can install one less agent! Technology Industry Information * Overview of encrypted traffic in attack and defense drill scenarios Beijing Guancheng Technology * Encrypted traffic detection technology in attack and defense drill scenarios Beijing Guancheng Technology * Haiyun An successfully passed the CCRC "Mobile Internet Application (App) Personal Information Security Test" proficiency verification Hai Van Secidea * "Security Lecture" Issue No. 14|Unbreakable, Unbreakable: Threats and Solutions of Software Supply Chain Yunding Lab * National deployment, virtual currency "mining" is being terminated Huaqing Xin'an Company Profile I want to contribute Advertising and Services Changelog Links Privacy Policy ©2020 Beijing Roaring Culture Media Co., Ltd. Beijing ICP No. 16063439-1 ©2020 Beijing Roaring Culture Media Co., Ltd. | Beijing ICP No. 16063439-1 This site is hosted by Provide cloud computing services Follow Howl Media follow roar PARTNER Xinhuanet Security China Aliju Security four leaf clover safe Vipshop Security Emergency Response Center Security Technology Cloud Shield Prophet Xinghua Eternal SOBUG WeChat Weibo RSS Know almost ORIGINAL TEXT Contribute a better translation --------------------------------------------------------------------------------