Procedural mistakes, and not some new security bug, were likely the cause of the defacement last week of the Web site of the SANS Institute, according to sources close to the organization. The computer security research and education group restored its Web site Sunday evening, after its home page was replaced Friday by an attacker using the name "Fluffi Bunni.". . .
Procedural mistakes, and not some new security bug, were likely the cause of the defacement last week of the Web site of the SANS Institute, according to sources close to the organization. The computer security research and education group restored its Web site Sunday evening, after its home page was replaced Friday by an attacker using the name "Fluffi Bunni."

The defaced page included a photo of a pink stuffed rabbit in front of a computer. On the screen of the monitor read a message, "Would you really trust these guys to teach you security?"

Sources close to SANS told Newsbytes that the forensic analysis of the defacement is focused on custom CGI scripts or other code at the site that provides special features. Such scripts have caused security lapses in the past at the site, according to one insider. All of the scripts, including one that drives the site's search engine, have been disabled as a precaution.

The link for this article located at Newsbytes is no longer available.