Dutch govt pulls Ruby on Rails, exploits become semi-automated

zdnet.com 11 Jan '13, 5am

Dutch govt pulls Ruby on Rails, exploits become semi-automated

The first effects of the recently discovered Ruby on Rails exploit are beginning to be felt, with the Dutch government pulling its digital ID system briefly offline after realising that it was vulnerable. The Dutch system, called DigiD, allows users to access a number of the government's online services. The government decided to shut the system down yesterday, with a spokesperson for the company telling Nu.nl that it was necessary to close a security issue with the Ruby on Rails platform it was running on. The move comes as an update arrives to Rapid7's Metasploit framework (which coincidentally also runs Ruby on Rails). It now allows administrators to quickly scan hosts for vulnerable versions of Rails instances, and verify that they can be exploited. Unfortunately, the availability of such tools also means that malicious users are able to quickly automate the process of...

Full article: http://www.zdnet.com/dutch-govt-pulls-ruby-on-rails-explo...

Tweets

@DoDRecruiterDC » 12 Jan '13, 9pm
Dutch govt pulls Ruby on Rails, exploits become semi-automated [link] #cybersecurity via @davedaprile
@kouljay » 12 Jan '13, 6pm
@mogetutu Did you see this? RT @jwesonga: Dutch govt pulls Ruby on Rails, exploits become semi-automated [link] via @prismatic
@jwesonga » 12 Jan '13, 12pm
Dutch govt pulls Ruby on Rails, exploits become semi-automated [link] via @prismatic
@wanswins » 12 Jan '13, 4am
Update your RoR site as soon as possible! "Dutch govt pulls Ruby on Rails, exploits become semi-automated" [link] #ruby #rails
@gslin » 11 Jan '13, 12pm
Dutch govt pulls Ruby on Rails, exploits become semi-automated [link] via @zite
@anikak03 » 11 Jan '13, 11am
Dutch govt pulls Ruby on Rails, exploits become semi-automated. Heroku is one platform provider warning users... #CRM [link]
@mkentwell » 11 Jan '13, 10am
Bugger: Dutch govt pulls Ruby on Rails, exploits become semi-automated [link]
@IndelibleData » 11 Jan '13, 8am
Dutch govt pulls Ruby on Rails as exploits become semi-automated. [link]
@craigjdennis » 11 Jan '13, 6am
ZD Net = News: Dutch govt pulls Ruby on Rails, exploits become semi-automated [link]
@CyberExaminer » 11 Jan '13, 6am
#cybersecurity Dutch govt pulls Ruby on Rails, exploits become semi-automated [link] #infosec
@hashdev » 11 Jan '13, 6am
Dutch govt pulls Ruby on Rails, exploits become semi-automated [link] #dev #infosec - via @techcanty [link]
@latesttechn » 11 Jan '13, 6am
Dutch govt pulls Ruby on Rails, exploits become semi-automated [link] #Government #Malware
@Baneki » 11 Jan '13, 6am
RT @SecMash: Dutch govt pulls Ruby on Rails, exploits become semi-automated - [link] #InfoSec
@Xc0resecurity » 11 Jan '13, 6am
#xc0resecurity Dutch govt pulls Ruby on Rails, exploits become semi-automated: The effects of t... [link] #infosec #netsec
@bitcrazed » 11 Jan '13, 6am
RT @ZDNet: Dutch govt pulls Ruby on Rails, exploits become semi-automated [link]
@AdithAURA » 11 Jan '13, 6am
Dutch govt pulls Ruby on Rails, exploits become semi-automated: The effects of the recent vulnerabilities discov... [link]
@FrankRichard11 » 11 Jan '13, 6am
Dutch govt pulls Ruby on Rails, exploits become semi-automated - ZDNet: Dutch govt pulls Ruby on Rails, exploits... [link]
@zdnetaustralia » 11 Jan '13, 6am
The recent Ruby on Rails exploit continues to have administrators scrambling to update their environments: [link]
@techcanty » 11 Jan '13, 6am
Dutch govt pulls Ruby on Rails, exploits become semi-automated [link] #dev #infosec
@SecMash » 11 Jan '13, 5am
Dutch govt pulls Ruby on Rails, exploits become semi-automated [link] #InfoSec
@ZDNet » 11 Jan '13, 5am
Dutch govt pulls Ruby on Rails, exploits become semi-automated [link]
@SecurityPhresh » 11 Jan '13, 6am
Dutch Govt Pulls Ruby On Rails, #Exploits Become Semi-automated... [link]